chiark / gitweb /
Reindent man pages to 2ch
authorZbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
Wed, 4 Feb 2015 02:14:13 +0000 (21:14 -0500)
committerZbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
Wed, 4 Feb 2015 04:11:35 +0000 (23:11 -0500)
153 files changed:
CODING_STYLE
man/binfmt.d.xml
man/bootchart.conf.xml
man/bootctl.xml
man/bootup.xml
man/coredumpctl.xml
man/crypttab.xml
man/daemon.xml
man/file-hierarchy.xml
man/halt.xml
man/hostname.xml
man/hostnamectl.xml
man/journald.conf.xml
man/kernel-command-line.xml
man/locale.conf.xml
man/localectl.xml
man/localtime.xml
man/loginctl.xml
man/logind.conf.xml
man/machine-id.xml
man/machine-info.xml
man/machinectl.xml
man/modules-load.d.xml
man/nss-myhostname.xml
man/nss-mymachines.xml
man/os-release.xml
man/pam_systemd.xml
man/resolved.conf.xml
man/runlevel.xml
man/sd-daemon.xml
man/sd-id128.xml
man/sd-journal.xml
man/sd-login.xml
man/sd_booted.xml
man/sd_bus_message_get_cookie.xml
man/sd_bus_message_get_monotonic_usec.xml
man/sd_bus_request_name.xml
man/sd_get_seats.xml
man/sd_id128_get_machine.xml
man/sd_id128_randomize.xml
man/sd_id128_to_string.xml
man/sd_is_fifo.xml
man/sd_journal_add_match.xml
man/sd_journal_get_catalog.xml
man/sd_journal_get_cursor.xml
man/sd_journal_get_cutoff_realtime_usec.xml
man/sd_journal_get_data.xml
man/sd_journal_get_fd.xml
man/sd_journal_get_realtime_usec.xml
man/sd_journal_get_usage.xml
man/sd_journal_next.xml
man/sd_journal_open.xml
man/sd_journal_print.xml
man/sd_journal_query_unique.xml
man/sd_journal_seek_head.xml
man/sd_journal_stream_fd.xml
man/sd_listen_fds.xml
man/sd_login_monitor_new.xml
man/sd_machine_get_class.xml
man/sd_notify.xml
man/sd_pid_get_session.xml
man/sd_seat_get_active.xml
man/sd_session_is_active.xml
man/sd_uid_get_state.xml
man/sd_watchdog_enabled.xml
man/shutdown.xml
man/sysctl.d.xml
man/systemd-analyze.xml
man/systemd-ask-password-console.service.xml
man/systemd-ask-password.xml
man/systemd-backlight@.service.xml
man/systemd-binfmt.service.xml
man/systemd-bootchart.xml
man/systemd-cat.xml
man/systemd-cgls.xml
man/systemd-cgtop.xml
man/systemd-cryptsetup-generator.xml
man/systemd-cryptsetup@.service.xml
man/systemd-debug-generator.xml
man/systemd-delta.xml
man/systemd-detect-virt.xml
man/systemd-efi-boot-generator.xml
man/systemd-escape.xml
man/systemd-firstboot.xml
man/systemd-fsck@.service.xml
man/systemd-fstab-generator.xml
man/systemd-getty-generator.xml
man/systemd-gpt-auto-generator.xml
man/systemd-halt.service.xml
man/systemd-hibernate-resume-generator.xml
man/systemd-hibernate-resume@.service.xml
man/systemd-hostnamed.service.xml
man/systemd-inhibit.xml
man/systemd-initctl.service.xml
man/systemd-journald.service.xml
man/systemd-localed.service.xml
man/systemd-logind.service.xml
man/systemd-machine-id-commit.service.xml
man/systemd-machine-id-commit.xml
man/systemd-machine-id-setup.xml
man/systemd-machined.service.xml
man/systemd-modules-load.service.xml
man/systemd-networkd-wait-online.service.xml
man/systemd-networkd.service.xml
man/systemd-notify.xml
man/systemd-nspawn.xml
man/systemd-path.xml
man/systemd-quotacheck.service.xml
man/systemd-random-seed.service.xml
man/systemd-remount-fs.service.xml
man/systemd-resolved.service.xml
man/systemd-rfkill@.service.xml
man/systemd-shutdownd.service.xml
man/systemd-socket-proxyd.xml
man/systemd-suspend.service.xml
man/systemd-sysctl.service.xml
man/systemd-system-update-generator.xml
man/systemd-system.conf.xml
man/systemd-sysusers.xml
man/systemd-timedated.service.xml
man/systemd-timesyncd.service.xml
man/systemd-tmpfiles.xml
man/systemd-tty-ask-password-agent.xml
man/systemd-update-done.service.xml
man/systemd-update-utmp.service.xml
man/systemd-user-sessions.service.xml
man/systemd-vconsole-setup.service.xml
man/systemd.automount.xml
man/systemd.device.xml
man/systemd.exec.xml
man/systemd.journal-fields.xml
man/systemd.kill.xml
man/systemd.link.xml
man/systemd.mount.xml
man/systemd.netdev.xml
man/systemd.network.xml
man/systemd.path.xml
man/systemd.preset.xml
man/systemd.service.xml
man/systemd.snapshot.xml
man/systemd.socket.xml
man/systemd.special.xml
man/systemd.swap.xml
man/systemd.target.xml
man/systemd.time.xml
man/systemd.timer.xml
man/systemd.unit.xml
man/systemd.xml
man/sysusers.d.xml
man/telinit.xml
man/timedatectl.xml
man/timesyncd.conf.xml
man/vconsole.conf.xml

index 0b1f809..30d24e5 100644 (file)
@@ -1,4 +1,5 @@
-- 8ch indent, no tabs
+- 8ch indent, no tabs, except for files in man/ which are 2ch indent,
+  and still no tabs
 
 - Don't break code lines too eagerly. We do *not* force line breaks at
   80ch, all of today's screens should be much larger than that. But
index 55a3df0..5b63cfb 100644 (file)
   along with systemd; If not, see <http://www.gnu.org/licenses/>.
 -->
 <refentry id="binfmt.d" conditional='ENABLE_BINFMT'
-          xmlns:xi="http://www.w3.org/2001/XInclude">
-
-        <refentryinfo>
-                <title>binfmt.d</title>
-                <productname>systemd</productname>
-
-                <authorgroup>
-                        <author>
-                                <contrib>Developer</contrib>
-                                <firstname>Lennart</firstname>
-                                <surname>Poettering</surname>
-                                <email>lennart@poettering.net</email>
-                        </author>
-                </authorgroup>
-        </refentryinfo>
-
-        <refmeta>
-                <refentrytitle>binfmt.d</refentrytitle>
-                <manvolnum>5</manvolnum>
-        </refmeta>
-
-        <refnamediv>
-                <refname>binfmt.d</refname>
-                <refpurpose>Configure additional binary formats for
-                executables at boot</refpurpose>
-        </refnamediv>
-
-        <refsynopsisdiv>
-                <para><filename>/etc/binfmt.d/*.conf</filename></para>
-                <para><filename>/run/binfmt.d/*.conf</filename></para>
-                <para><filename>/usr/lib/binfmt.d/*.conf</filename></para>
-        </refsynopsisdiv>
-
-        <refsect1>
-                <title>Description</title>
-
-                <para>At boot,
-                <citerefentry><refentrytitle>systemd-binfmt.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>
-                reads configuration files from the above directories
-                to register in the kernel additional binary
-                formats for executables.</para>
-        </refsect1>
-
-        <refsect1>
-                <title>Configuration Format</title>
-
-                <para>Each file contains a list of binfmt_misc kernel
-                binary format rules. Consult <ulink
-                url="https://www.kernel.org/doc/Documentation/binfmt_misc.txt">binfmt_misc.txt</ulink>
-                for more information on registration of additional
-                binary formats and how to write rules.</para>
-
-                <para>Empty lines and lines beginning with ; and # are
-                ignored. Note that this means you may not use ; and #
-                as delimiter in binary format rules.</para>
-        </refsect1>
-
-        <xi:include href="standard-conf.xml" xpointer="confd" />
-
-        <refsect1>
-                <title>Example</title>
-                <example>
-                        <title>/etc/binfmt.d/wine.conf example:</title>
-
-                        <programlisting># Start WINE on Windows executables
+    xmlns:xi="http://www.w3.org/2001/XInclude">
+
+  <refentryinfo>
+    <title>binfmt.d</title>
+    <productname>systemd</productname>
+
+    <authorgroup>
+      <author>
+        <contrib>Developer</contrib>
+        <firstname>Lennart</firstname>
+        <surname>Poettering</surname>
+        <email>lennart@poettering.net</email>
+      </author>
+    </authorgroup>
+  </refentryinfo>
+
+  <refmeta>
+    <refentrytitle>binfmt.d</refentrytitle>
+    <manvolnum>5</manvolnum>
+  </refmeta>
+
+  <refnamediv>
+    <refname>binfmt.d</refname>
+    <refpurpose>Configure additional binary formats for
+    executables at boot</refpurpose>
+  </refnamediv>
+
+  <refsynopsisdiv>
+    <para><filename>/etc/binfmt.d/*.conf</filename></para>
+    <para><filename>/run/binfmt.d/*.conf</filename></para>
+    <para><filename>/usr/lib/binfmt.d/*.conf</filename></para>
+  </refsynopsisdiv>
+
+  <refsect1>
+    <title>Description</title>
+
+    <para>At boot,
+    <citerefentry><refentrytitle>systemd-binfmt.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>
+    reads configuration files from the above directories to register
+    in the kernel additional binary formats for executables.</para>
+  </refsect1>
+
+  <refsect1>
+    <title>Configuration Format</title>
+
+    <para>Each file contains a list of binfmt_misc kernel binary
+    format rules. Consult <ulink
+    url="https://www.kernel.org/doc/Documentation/binfmt_misc.txt">binfmt_misc.txt</ulink>
+    for more information on registration of additional binary formats
+    and how to write rules.</para>
+
+    <para>Empty lines and lines beginning with ; and # are ignored.
+    Note that this means you may not use ; and # as delimiter in
+    binary format rules.</para>
+  </refsect1>
+
+  <xi:include href="standard-conf.xml" xpointer="confd" />
+
+  <refsect1>
+    <title>Example</title>
+    <example>
+      <title>/etc/binfmt.d/wine.conf example:</title>
+
+      <programlisting># Start WINE on Windows executables
 :DOSWin:M::MZ::/usr/bin/wine:</programlisting>
-                </example>
-        </refsect1>
-
-        <refsect1>
-                <title>See Also</title>
-                <para>
-                        <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
-                        <citerefentry><refentrytitle>systemd-binfmt.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
-                        <citerefentry><refentrytitle>systemd-delta</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
-                        <citerefentry project='die-net'><refentrytitle>wine</refentrytitle><manvolnum>8</manvolnum></citerefentry>
-                </para>
-        </refsect1>
+    </example>
+  </refsect1>
+
+  <refsect1>
+    <title>See Also</title>
+    <para>
+      <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
+      <citerefentry><refentrytitle>systemd-binfmt.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
+      <citerefentry><refentrytitle>systemd-delta</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
+      <citerefentry project='die-net'><refentrytitle>wine</refentrytitle><manvolnum>8</manvolnum></citerefentry>
+    </para>
+  </refsect1>
 
 </refentry>
index e11ccb5..8bafcbe 100644 (file)
@@ -1,7 +1,7 @@
 <?xml version='1.0'?> <!--*-nxml-*-->
 <?xml-stylesheet type="text/xsl" href="http://docbook.sourceforge.net/release/xsl/current/xhtml/docbook.xsl"?>
 <!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
-        "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
+  "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
 
 <!--
   This file is part of systemd.
 -->
 
 <refentry id="bootchart.conf" conditional='ENABLE_BOOTCHART'
-          xmlns:xi="http://www.w3.org/2001/XInclude">
-        <refentryinfo>
-                <title>bootchart.conf</title>
-                <productname>systemd</productname>
-
-                <authorgroup>
-                        <author>
-                                <contrib>Developer</contrib>
-                                <firstname>Auke</firstname>
-                                <surname>Kok</surname>
-                                <email>auke-jan.h.kok@intel.com</email>
-                        </author>
-                </authorgroup>
-        </refentryinfo>
-
-        <refmeta>
-                <refentrytitle>bootchart.conf</refentrytitle>
-                <manvolnum>5</manvolnum>
-        </refmeta>
-
-        <refnamediv>
-                <refname>bootchart.conf</refname>
-                <refname>bootchart.conf.d</refname>
-                <refpurpose>Boot performance analysis graphing tool configuration files</refpurpose>
-        </refnamediv>
-
-        <refsynopsisdiv>
-                <para><filename>/etc/systemd/bootchart.conf</filename></para>
-                <para><filename>/etc/systemd/bootchart.conf.d/*.conf</filename></para>
-                <para><filename>/run/systemd/bootchart.conf.d/*.conf</filename></para>
-                <para><filename>/usr/lib/systemd/bootchart.conf.d/*.conf</filename></para>
-        </refsynopsisdiv>
-
-        <refsect1>
-                <title>Description</title>
-
-                <para>When starting, systemd-bootchart will read the
-                configuration file
-                <filename>/etc/systemd/bootchart.conf</filename>, followed by
-                the files in the <filename>bootchart.conf.d</filename>
-                directories.  These configuration files determine logging
-                parameters and graph output.</para>
-        </refsect1>
-
-        <xi:include href="standard-conf.xml" xpointer="confd" />
-        <xi:include href="standard-conf.xml" xpointer="conf" />
-
-        <refsect1>
-                <title>Options</title>
-
-                <variablelist class='bootchart-directives'>
-
-                        <varlistentry>
-                                <term><varname>Samples=500</varname></term>
-                                <listitem><para>Configure the amount of samples to
-                                record in total before bootchart exits. Each sample will
-                                record at intervals defined by Frequency=.</para></listitem>
-                        </varlistentry>
-
-                        <varlistentry>
-                                <term><varname>Frequency=25</varname></term>
-                                <listitem><para>Configure the sample log frequency.
-                                This can be a fractional number, but must be larger than
-                                0.0. Most systems can cope with values under 25-50 without
-                                impacting boot time severely.</para></listitem>
-                        </varlistentry>
-
-                        <varlistentry>
-                                <term><varname>Relative=no</varname></term>
-                                <listitem><para>Configures whether the left axis of the
-                                output graph equals time=0.0 (<constant>CLOCK_MONOTONIC</constant> start). This
-                                is useful for using bootchart at post-boot time to profile
-                                an already booted system, otherwise the graph would become
-                                extremely large. If set to yes, the horizontal axis starts
-                                at the first recorded sample instead of time=0.0.
-                                </para></listitem>
-                        </varlistentry>
-
-                        <varlistentry>
-                                <term><varname>Filter=no</varname></term>
-                                <listitem><para>Configures whether the resulting graph
-                                should omit tasks that did not contribute significantly
-                                to the boot. Processes that are too short-lived (only
-                                seen in one sample) or that do not consume any significant
-                                CPU time (less than 0.001sec) will not be displayed in
-                                the output graph.</para></listitem>
-                        </varlistentry>
-
-                        <varlistentry>
-                                <term><varname>Output=[path]</varname></term>
-                                <listitem><para>Configures the output directory for writing
-                                the graphs. By default, bootchart writes the graphs to
-                                <filename>/run/log</filename>.</para></listitem>
-                        </varlistentry>
-
-                        <varlistentry>
-                                <term><varname>Init=[path]</varname></term>
-                                <listitem><para>Configures bootchart to run a non-standard
-                                binary instead of <filename>/usr/lib/systemd/systemd</filename>. This
-                                option is only relevant if bootchart was invoked from the
-                                kernel command line with
-                                init=/usr/lib/systemd/systemd-bootchart.</para></listitem>
-                        </varlistentry>
-
-                        <varlistentry>
-                                <term><varname>PlotMemoryUsage=no</varname></term>
-                                <listitem><para>If set to yes, enables logging and graphing
-                                of processes' PSS memory consumption.</para></listitem>
-                        </varlistentry>
-
-                        <varlistentry>
-                                <term><varname>PlotEntropyGraph=no</varname></term>
-                                <listitem><para>If set to yes, enables logging and graphing
-                                of the kernel random entropy pool size.</para></listitem>
-                        </varlistentry>
-
-                        <varlistentry>
-                                <term><varname>ScaleX=100</varname></term>
-                                <listitem><para>Horizontal scaling factor for all variable
-                                graph components.</para></listitem>
-                        </varlistentry>
-
-                        <varlistentry>
-                                <term><varname>ScaleY=20</varname></term>
-                                <listitem><para>Vertical scaling factor for all variable
-                                graph components.</para></listitem>
-                        </varlistentry>
-
-                        <varlistentry>
-                                <term><varname>ControlGroup=no</varname></term>
-                                <listitem><para>Display process control group.</para></listitem>
-                        </varlistentry>
-
-                </variablelist>
-        </refsect1>
-
-        <refsect1>
-                  <title>See Also</title>
-                  <para>
-                          <citerefentry><refentrytitle>systemd-bootchart</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
-                          <citerefentry><refentrytitle>systemd.directives</refentrytitle><manvolnum>7</manvolnum></citerefentry>
-                  </para>
-        </refsect1>
+    xmlns:xi="http://www.w3.org/2001/XInclude">
+  <refentryinfo>
+    <title>bootchart.conf</title>
+    <productname>systemd</productname>
+
+    <authorgroup>
+      <author>
+        <contrib>Developer</contrib>
+        <firstname>Auke</firstname>
+        <surname>Kok</surname>
+        <email>auke-jan.h.kok@intel.com</email>
+      </author>
+    </authorgroup>
+  </refentryinfo>
+
+  <refmeta>
+    <refentrytitle>bootchart.conf</refentrytitle>
+    <manvolnum>5</manvolnum>
+  </refmeta>
+
+  <refnamediv>
+    <refname>bootchart.conf</refname>
+    <refname>bootchart.conf.d</refname>
+    <refpurpose>Boot performance analysis graphing tool configuration files</refpurpose>
+  </refnamediv>
+
+  <refsynopsisdiv>
+    <para><filename>/etc/systemd/bootchart.conf</filename></para>
+    <para><filename>/etc/systemd/bootchart.conf.d/*.conf</filename></para>
+    <para><filename>/run/systemd/bootchart.conf.d/*.conf</filename></para>
+    <para><filename>/usr/lib/systemd/bootchart.conf.d/*.conf</filename></para>
+  </refsynopsisdiv>
+
+  <refsect1>
+    <title>Description</title>
+
+    <para>When starting, systemd-bootchart will read the configuration
+    file <filename>/etc/systemd/bootchart.conf</filename>, followed by
+    the files in the <filename>bootchart.conf.d</filename>
+    directories. These configuration files determine logging
+    parameters and graph output.</para>
+  </refsect1>
+
+  <xi:include href="standard-conf.xml" xpointer="confd" />
+  <xi:include href="standard-conf.xml" xpointer="conf" />
+
+  <refsect1>
+    <title>Options</title>
+
+    <variablelist class='bootchart-directives'>
+
+      <varlistentry>
+        <term><varname>Samples=500</varname></term>
+        <listitem><para>Configure the amount of samples to record in
+        total before bootchart exits. Each sample will record at
+        intervals defined by Frequency=.</para></listitem>
+      </varlistentry>
+
+      <varlistentry>
+        <term><varname>Frequency=25</varname></term>
+        <listitem><para>Configure the sample log frequency. This can
+        be a fractional number, but must be larger than 0.0. Most
+        systems can cope with values under 25-50 without impacting
+        boot time severely.</para></listitem>
+      </varlistentry>
+
+      <varlistentry>
+        <term><varname>Relative=no</varname></term>
+        <listitem><para>Configures whether the left axis of the output
+        graph equals time=0.0 (<constant>CLOCK_MONOTONIC</constant>
+        start). This is useful for using bootchart at post-boot time
+        to profile an already booted system, otherwise the graph would
+        become extremely large. If set to yes, the horizontal axis
+        starts at the first recorded sample instead of time=0.0.
+        </para></listitem>
+      </varlistentry>
+
+      <varlistentry>
+        <term><varname>Filter=no</varname></term>
+        <listitem><para>Configures whether the resulting graph should
+        omit tasks that did not contribute significantly to the boot.
+        Processes that are too short-lived (only seen in one sample)
+        or that do not consume any significant CPU time (less than
+        0.001sec) will not be displayed in the output
+        graph.</para></listitem>
+      </varlistentry>
+
+      <varlistentry>
+        <term><varname>Output=[path]</varname></term>
+        <listitem><para>Configures the output directory for writing
+        the graphs. By default, bootchart writes the graphs to
+        <filename>/run/log</filename>.</para></listitem>
+      </varlistentry>
+
+      <varlistentry>
+        <term><varname>Init=[path]</varname></term>
+        <listitem><para>Configures bootchart to run a non-standard
+        binary instead of
+        <filename>/usr/lib/systemd/systemd</filename>. This option is
+        only relevant if bootchart was invoked from the kernel command
+        line with
+        init=/usr/lib/systemd/systemd-bootchart.</para></listitem>
+      </varlistentry>
+
+      <varlistentry>
+        <term><varname>PlotMemoryUsage=no</varname></term>
+        <listitem><para>If set to yes, enables logging and graphing of
+        processes' PSS memory consumption.</para></listitem>
+      </varlistentry>
+
+      <varlistentry>
+        <term><varname>PlotEntropyGraph=no</varname></term>
+        <listitem><para>If set to yes, enables logging and graphing of
+        the kernel random entropy pool size.</para></listitem>
+      </varlistentry>
+
+      <varlistentry>
+        <term><varname>ScaleX=100</varname></term>
+        <listitem><para>Horizontal scaling factor for all variable
+        graph components.</para></listitem>
+      </varlistentry>
+
+      <varlistentry>
+        <term><varname>ScaleY=20</varname></term>
+        <listitem><para>Vertical scaling factor for all variable graph
+        components.</para></listitem>
+      </varlistentry>
+
+      <varlistentry>
+        <term><varname>ControlGroup=no</varname></term>
+        <listitem><para>Display process control group.
+        </para></listitem>
+      </varlistentry>
+
+    </variablelist>
+  </refsect1>
+
+  <refsect1>
+      <title>See Also</title>
+      <para>
+        <citerefentry><refentrytitle>systemd-bootchart</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
+        <citerefentry><refentrytitle>systemd.directives</refentrytitle><manvolnum>7</manvolnum></citerefentry>
+      </para>
+  </refsect1>
 
 </refentry>
index 5254022..00f54c7 100644 (file)
@@ -1,6 +1,6 @@
 <?xml version='1.0'?> <!--*-nxml-*-->
 <!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
-        "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
+  "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
 
 <!--
   This file is part of systemd.
 -->
 
 <refentry id="bootctl" conditional='ENABLE_EFI'
-          xmlns:xi="http://www.w3.org/2001/XInclude">
-
-        <refentryinfo>
-                <title>bootctl</title>
-                <productname>systemd</productname>
-
-                <authorgroup>
-                        <author>
-                                <contrib>Developer</contrib>
-                                <firstname>Kay</firstname>
-                                <surname>Sievers</surname>
-                                <email>kay@vrfy.org</email>
-                        </author>
-                </authorgroup>
-        </refentryinfo>
-
-        <refmeta>
-                <refentrytitle>bootctl</refentrytitle>
-                <manvolnum>1</manvolnum>
-        </refmeta>
-
-        <refnamediv>
-                <refname>bootctl</refname>
-                <refpurpose>Control the firmware and boot manager settings</refpurpose>
-        </refnamediv>
-
-        <refsynopsisdiv>
-                <cmdsynopsis>
-                        <command>bootctl</command>
-                        <arg choice="opt" rep="repeat">OPTIONS</arg>
-                        <arg choice="req">COMMAND</arg>
-                </cmdsynopsis>
-        </refsynopsisdiv>
-
-        <refsect1>
-                <title>Description</title>
-
-                <para><command>bootctl</command> may be used to
-                query or (in the future) change the firmware and boot
-                manager settings.</para>
-
-                <para>Firmware information is available only on EFI
-                systems.</para>
-
-                <para>Currently, only the <citerefentry project='gummiboot'><refentrytitle>gummiboot</refentrytitle><manvolnum>8</manvolnum></citerefentry> boot
-                manager implements the required boot loader interface
-                to provide complete boot manager information.</para>
-        </refsect1>
-
-        <refsect1>
-                <title>Options</title>
-
-                <para>The following options are understood:</para>
-
-                <variablelist>
-                        <xi:include href="standard-options.xml" xpointer="help" />
-                        <xi:include href="standard-options.xml" xpointer="version" />
-                </variablelist>
-
-                <para>The following commands are understood:</para>
-
-                <variablelist>
-                        <varlistentry>
-                                <term><command>status</command></term>
-
-                                <listitem><para>Show firmware and boot
-                                manager information about the system,
-                                including secure boot mode status and
-                                selected firmware entry (where
-                                available).</para></listitem>
-                        </varlistentry>
-                </variablelist>
-
-        </refsect1>
-
-        <refsect1>
-                <title>Exit status</title>
-
-                <para>On success, 0 is returned, a non-zero failure
-                code otherwise.</para>
-        </refsect1>
-
-        <refsect1>
-                <title>See Also</title>
-                <para>
-                        <ulink url="http://www.freedesktop.org/wiki/Software/systemd/BootLoaderInterface">Boot loader interface</ulink>,
-                        <ulink url="http://www.freedesktop.org/wiki/Specifications/BootLoaderSpec">Boot loader specification</ulink>,
-                        <ulink url="http://www.freedesktop.org/wiki/Software/gummiboot/">gummiboot</ulink>
-                </para>
-        </refsect1>
+    xmlns:xi="http://www.w3.org/2001/XInclude">
+
+  <refentryinfo>
+    <title>bootctl</title>
+    <productname>systemd</productname>
+
+    <authorgroup>
+      <author>
+        <contrib>Developer</contrib>
+        <firstname>Kay</firstname>
+        <surname>Sievers</surname>
+        <email>kay@vrfy.org</email>
+      </author>
+    </authorgroup>
+  </refentryinfo>
+
+  <refmeta>
+    <refentrytitle>bootctl</refentrytitle>
+    <manvolnum>1</manvolnum>
+  </refmeta>
+
+  <refnamediv>
+    <refname>bootctl</refname>
+    <refpurpose>Control the firmware and boot manager settings</refpurpose>
+  </refnamediv>
+
+  <refsynopsisdiv>
+    <cmdsynopsis>
+      <command>bootctl</command>
+      <arg choice="opt" rep="repeat">OPTIONS</arg>
+      <arg choice="req">COMMAND</arg>
+    </cmdsynopsis>
+  </refsynopsisdiv>
+
+  <refsect1>
+    <title>Description</title>
+
+    <para><command>bootctl</command> may be used to query or (in the
+    future) change the firmware and boot manager settings.</para>
+
+    <para>Firmware information is available only on EFI systems.
+    </para>
+
+    <para>Currently, only the
+    <citerefentry project='gummiboot'><refentrytitle>gummiboot</refentrytitle><manvolnum>8</manvolnum></citerefentry>
+    boot manager implements the required boot loader interface to
+    provide complete boot manager information.</para>
+  </refsect1>
+
+  <refsect1>
+    <title>Options</title>
+
+    <para>The following options are understood:</para>
+
+    <variablelist>
+      <xi:include href="standard-options.xml" xpointer="help" />
+      <xi:include href="standard-options.xml" xpointer="version" />
+    </variablelist>
+
+    <para>The following commands are understood:</para>
+
+    <variablelist>
+      <varlistentry>
+        <term><command>status</command></term>
+
+        <listitem><para>Show firmware and boot manager information
+        about the system, including secure boot mode status and
+        selected firmware entry (where available).</para></listitem>
+      </varlistentry>
+    </variablelist>
+
+  </refsect1>
+
+  <refsect1>
+    <title>Exit status</title>
+
+    <para>On success, 0 is returned, a non-zero failure code
+    otherwise.</para>
+  </refsect1>
+
+  <refsect1>
+    <title>See Also</title>
+    <para>
+      <ulink url="http://www.freedesktop.org/wiki/Software/systemd/BootLoaderInterface">Boot loader interface</ulink>,
+      <ulink url="http://www.freedesktop.org/wiki/Specifications/BootLoaderSpec">Boot loader specification</ulink>,
+      <ulink url="http://www.freedesktop.org/wiki/Software/gummiboot/">gummiboot</ulink>
+    </para>
+  </refsect1>
 
 </refentry>
index 0854b6c..b5c3e15 100644 (file)
@@ -1,6 +1,6 @@
 <?xml version='1.0'?> <!--*-nxml-*-->
 <!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
-        "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
+  "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
 
 <!--
   This file is part of systemd.
 
 <refentry id="bootup">
 
-        <refentryinfo>
-                <title>bootup</title>
-                <productname>systemd</productname>
-
-                <authorgroup>
-                        <author>
-                                <contrib>Developer</contrib>
-                                <firstname>Lennart</firstname>
-                                <surname>Poettering</surname>
-                                <email>lennart@poettering.net</email>
-                        </author>
-                </authorgroup>
-        </refentryinfo>
-
-        <refmeta>
-                <refentrytitle>bootup</refentrytitle>
-                <manvolnum>7</manvolnum>
-        </refmeta>
-
-        <refnamediv>
-                <refname>bootup</refname>
-                <refpurpose>System bootup process</refpurpose>
-        </refnamediv>
-
-        <refsect1>
-                <title>Description</title>
-
-                <para>A number of different components are involved in
-                the system boot. Immediately after power-up, the
-                system BIOS will do minimal hardware initialization,
-                and hand control over to a boot loader stored on a
-                persistent storage device. This boot loader will then
-                invoke an OS kernel from disk (or the network). In the
-                Linux case, this kernel (optionally) extracts and
-                executes an initial RAM disk image (initrd), such as
-                generated by
-                <citerefentry project='die-net'><refentrytitle>dracut</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
-                which looks for the root file system (possibly using
-                <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>
-                for this). After the root file system is found and
-                mounted, the initrd hands over control to the host's
-                system manager (such as
-                <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>)
-                stored on the OS image, which is then responsible for
-                probing all remaining hardware, mounting all necessary
-                file systems and spawning all configured
-                services.</para>
-
-                <para>On shutdown, the system manager stops all
-                services, unmounts all file systems (detaching the
-                storage technologies backing them), and then
-                (optionally) jumps back into the initrd code which
-                unmounts/detaches the root file system and the storage
-                it resides on. As a last step, the system is powered down.</para>
-
-                <para>Additional information about the system boot
-                process may be found in
-                <citerefentry project='man-pages'><refentrytitle>boot</refentrytitle><manvolnum>7</manvolnum></citerefentry>.</para>
-        </refsect1>
-
-        <refsect1>
-                <title>System Manager Bootup</title>
-
-                <para>At boot, the system manager on the OS image is
-                responsible for initializing the required file
-                systems, services and drivers that are necessary for
-                operation of the system. On
-                <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>
-                systems, this process is split up in various discrete
-                steps which are exposed as target units. (See
-                <citerefentry><refentrytitle>systemd.target</refentrytitle><manvolnum>5</manvolnum></citerefentry>
-                for detailed information about target units.) The
-                boot-up process is highly parallelized so that the
-                order in which specific target units are reached is not
-                deterministic, but still adheres to a limited amount
-                of ordering structure.</para>
-
-                <para>When systemd starts up the system, it will
-                activate all units that are dependencies of
-                <filename>default.target</filename> (as well as
-                recursively all dependencies of these
-                dependencies). Usually,
-                <filename>default.target</filename> is simply an alias
-                of <filename>graphical.target</filename> or
-                <filename>multi-user.target</filename>, depending on
-                whether the system is configured for a graphical UI or
-                only for a text console. To enforce minimal ordering
-                between the units pulled in, a number of well-known
-                target units are available, as listed on
-                <citerefentry><refentrytitle>systemd.special</refentrytitle><manvolnum>7</manvolnum></citerefentry>.</para>
-
-                <para>The following chart is a structural overview of
-                these well-known units and their position in the
-                boot-up logic. The arrows describe which units are
-                pulled in and ordered before which other units. Units
-                near the top are started before units nearer to the
-                bottom of the chart.</para>
+  <refentryinfo>
+    <title>bootup</title>
+    <productname>systemd</productname>
+
+    <authorgroup>
+      <author>
+        <contrib>Developer</contrib>
+        <firstname>Lennart</firstname>
+        <surname>Poettering</surname>
+        <email>lennart@poettering.net</email>
+      </author>
+    </authorgroup>
+  </refentryinfo>
+
+  <refmeta>
+    <refentrytitle>bootup</refentrytitle>
+    <manvolnum>7</manvolnum>
+  </refmeta>
+
+  <refnamediv>
+    <refname>bootup</refname>
+    <refpurpose>System bootup process</refpurpose>
+  </refnamediv>
+
+  <refsect1>
+    <title>Description</title>
+
+    <para>A number of different components are involved in the system
+    boot. Immediately after power-up, the system BIOS will do minimal
+    hardware initialization, and hand control over to a boot loader
+    stored on a persistent storage device. This boot loader will then
+    invoke an OS kernel from disk (or the network). In the Linux case,
+    this kernel (optionally) extracts and executes an initial RAM disk
+    image (initrd), such as generated by
+    <citerefentry project='die-net'><refentrytitle>dracut</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
+    which looks for the root file system (possibly using
+    <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>
+    for this). After the root file system is found and mounted, the
+    initrd hands over control to the host's system manager (such as
+    <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>)
+    stored on the OS image, which is then responsible for probing all
+    remaining hardware, mounting all necessary file systems and
+    spawning all configured services.</para>
+
+    <para>On shutdown, the system manager stops all services, unmounts
+    all file systems (detaching the storage technologies backing
+    them), and then (optionally) jumps back into the initrd code which
+    unmounts/detaches the root file system and the storage it resides
+    on. As a last step, the system is powered down.</para>
+
+    <para>Additional information about the system boot process may be
+    found in
+    <citerefentry project='man-pages'><refentrytitle>boot</refentrytitle><manvolnum>7</manvolnum></citerefentry>.</para>
+  </refsect1>
+
+  <refsect1>
+    <title>System Manager Bootup</title>
+
+    <para>At boot, the system manager on the OS image is responsible
+    for initializing the required file systems, services and drivers
+    that are necessary for operation of the system. On
+    <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>
+    systems, this process is split up in various discrete steps which
+    are exposed as target units. (See
+    <citerefentry><refentrytitle>systemd.target</refentrytitle><manvolnum>5</manvolnum></citerefentry>
+    for detailed information about target units.) The boot-up process
+    is highly parallelized so that the order in which specific target
+    units are reached is not deterministic, but still adheres to a
+    limited amount of ordering structure.</para>
+
+    <para>When systemd starts up the system, it will activate all
+    units that are dependencies of <filename>default.target</filename>
+    (as well as recursively all dependencies of these dependencies).
+    Usually, <filename>default.target</filename> is simply an alias of
+    <filename>graphical.target</filename> or
+    <filename>multi-user.target</filename>, depending on whether the
+    system is configured for a graphical UI or only for a text
+    console. To enforce minimal ordering between the units pulled in,
+    a number of well-known target units are available, as listed on
+    <citerefentry><refentrytitle>systemd.special</refentrytitle><manvolnum>7</manvolnum></citerefentry>.</para>
+
+    <para>The following chart is a structural overview of these
+    well-known units and their position in the boot-up logic. The
+    arrows describe which units are pulled in and ordered before which
+    other units. Units near the top are started before units nearer to
+    the bottom of the chart.</para>
 
 <programlisting>local-fs-pre.target
-         |
-         v
+   |
+   v
 (various mounts and   (various swap   (various cryptsetup
- fsck services...)     devices...)        devices...)       (various low-level   (various low-level
-         |                  |                  |             services: udevd,     API VFS mounts:
-         v                  v                  v             tmpfiles, random     mqueue, configfs,
+ fsck services...)     devices...)  devices...)       (various low-level   (various low-level
+   |      |      |       services: udevd,     API VFS mounts:
+   v      v      v       tmpfiles, random     mqueue, configfs,
   local-fs.target      swap.target     cryptsetup.target    seed, sysctl, ...)      debugfs, ...)
-         |                  |                  |                    |                    |
-         \__________________|_________________ | ___________________|____________________/
-                                              \|/
-                                               v
-                                        sysinit.target
-                                               |
-          ____________________________________/|\________________________________________
-         /                  |                  |                    |                    \
-         |                  |                  |                    |                    |
-         v                  v                  |                    v                    v
-     (various           (various               |                (various          rescue.service
-    timers...)          paths...)              |               sockets...)               |
-         |                  |                  |                    |                    v
-         v                  v                  |                    v              <emphasis>rescue.target</emphasis>
-   timers.target      paths.target             |             sockets.target
-         |                  |                  |                    |
-         v                  |_________________ | ___________________/
-                                              \|/
-                                               v
-                                         basic.target
-                                               |
-          ____________________________________/|                                 emergency.service
-         /                  |                  |                                         |
-         |                  |                  |                                         v
-         v                  v                  v                                 <emphasis>emergency.target</emphasis>
-     display-        (various system    (various system
- manager.service         services           services)
-         |             required for            |
-         |            graphical UIs)           v
-         |                  |           <emphasis>multi-user.target</emphasis>
-         |                  |                  |
-         \_________________ | _________________/
-                           \|/
-                            v
-                  <emphasis>graphical.target</emphasis></programlisting>
-
-                <para>Target units that are commonly used as boot
-                targets are <emphasis>emphasized</emphasis>. These
-                units are good choices as goal targets, for
-                example by passing them to the
-                <varname>systemd.unit=</varname> kernel command line
-                option (see
-                <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>)
-                or by symlinking <filename>default.target</filename>
-                to them.</para>
-
-                <para><filename>timers.target</filename> is pulled-in
-                by <filename>basic.target</filename> asynchronously.
-                This allows timers units to depend on services which
-                become only available later in boot.</para>
-        </refsect1>
-
-        <refsect1>
-                <title>Bootup in the Initial RAM Disk (initrd)</title>
-                <para>The initial RAM disk implementation (initrd) can
-                be set up using systemd as well. In this case, boot up
-                inside the initrd follows the following
-                structure.</para>
-
-                <para>The default target in the initrd is
-                <filename>initrd.target</filename>. The bootup process
-                begins identical to the system manager bootup (see
-                above) until it reaches
-                <filename>basic.target</filename>. From there, systemd
-                approaches the special target
-                <filename>initrd.target</filename>. If the root device
-                can be mounted at <filename>/sysroot</filename>, the
-                <filename>sysroot.mount</filename> unit becomes active
-                and <filename>initrd-root-fs.target</filename> is
-                reached.  The service
-                <filename>initrd-parse-etc.service</filename> scans
-                <filename>/sysroot/etc/fstab</filename> for a possible
-                <filename>/usr</filename> mount point and additional
-                entries marked with the
-                <emphasis>x-initrd.mount</emphasis> option. All
-                entries found are mounted below
-                <filename>/sysroot</filename>, and
-                <filename>initrd-fs.target</filename> is reached. The
-                service <filename>initrd-cleanup.service</filename>
-                isolates to the
-                <filename>initrd-switch-root.target</filename>, where
-                cleanup services can run. As the very last step, the
-                <filename>initrd-switch-root.service</filename> is
-                activated, which will cause the system to switch its
-                root to <filename>/sysroot</filename>.
-                </para>
-
-<programlisting>                                               : (beginning identical to above)
-                                               :
-                                               v
-                                         basic.target
-                                               |                                 emergency.service
-                        ______________________/|                                         |
-                       /                       |                                         v
-                       |                  sysroot.mount                          <emphasis>emergency.target</emphasis>
-                       |                       |
-                       |                       v
-                       |             initrd-root-fs.target
-                       |                       |
-                       |                       v
-                       v            initrd-parse-etc.service
-                (custom initrd                 |
-                 services...)                  v
-                       |            (sysroot-usr.mount and
-                       |             various mounts marked
-                       |               with fstab option
-                       |              x-initrd.mount...)
-                       |                       |
-                       |                       v
-                       |                initrd-fs.target
-                       \______________________ |
-                                              \|
-                                               v
-                                          initrd.target
-                                               |
-                                               v
-                                     initrd-cleanup.service
-                                          isolates to
-                                    initrd-switch-root.target
-                                               |
-                                               v
-                        ______________________/|
-                       /                       v
-                       |        initrd-udevadm-cleanup-db.service
-                       v                       |
-                (custom initrd                 |
-                 services...)                  |
-                       \______________________ |
-                                              \|
-                                               v
-                                   initrd-switch-root.target
-                                               |
-                                               v
-                                   initrd-switch-root.service
-                                               |
-                                               v
-                                     Transition to Host OS</programlisting>
-        </refsect1>
-
-
-        <refsect1>
-                <title>System Manager Shutdown</title>
-
-                <para>System shutdown with systemd also consists of
-                various target units with some minimal ordering
-                structure applied:</para>
-
-
-
-
-<programlisting>                                  (conflicts with  (conflicts with
-                                    all system     all file system
-                                     services)     mounts, swaps,
-                                         |           cryptsetup
-                                         |          devices, ...)
-                                         |                |
-                                         v                v
-                                  shutdown.target    umount.target
-                                         |                |
-                                         \_______   ______/
-                                                 \ /
-                                                  v
-                                         (various low-level
-                                              services)
-                                                  |
-                                                  v
-                                            final.target
-                                                  |
-            _____________________________________/ \_________________________________
-           /                         |                        |                      \
-           |                         |                        |                      |
-           v                         v                        v                      v
+   |      |      |        |        |
+   \__________________|_________________ | ___________________|____________________/
+                \|/
+                 v
+          sysinit.target
+                 |
+    ____________________________________/|\________________________________________
+   /      |      |        |        \
+   |      |      |        |        |
+   v      v      |        v        v
+     (various     (various         |    (various    rescue.service
+    timers...)    paths...)        |         sockets...)         |
+   |      |      |        |        v
+   v      v      |        v        <emphasis>rescue.target</emphasis>
+   timers.target      paths.target       |       sockets.target
+   |      |      |        |
+   v      |_________________ | ___________________/
+                \|/
+                 v
+           basic.target
+                 |
+    ____________________________________/|         emergency.service
+   /      |      |           |
+   |      |      |           v
+   v      v      v         <emphasis>emergency.target</emphasis>
+     display-  (various system    (various system
+ manager.service   services     services)
+   |       required for      |
+   |      graphical UIs)     v
+   |      |     <emphasis>multi-user.target</emphasis>
+   |      |      |
+   \_________________ | _________________/
+         \|/
+          v
+      <emphasis>graphical.target</emphasis></programlisting>
+
+    <para>Target units that are commonly used as boot targets are
+    <emphasis>emphasized</emphasis>. These units are good choices as
+    goal targets, for example by passing them to the
+    <varname>systemd.unit=</varname> kernel command line option (see
+    <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>)
+    or by symlinking <filename>default.target</filename> to
+    them.</para>
+
+    <para><filename>timers.target</filename> is pulled-in by
+    <filename>basic.target</filename> asynchronously. This allows
+    timers units to depend on services which become only available
+    later in boot.</para>
+  </refsect1>
+
+  <refsect1>
+    <title>Bootup in the Initial RAM Disk (initrd)</title>
+    <para>The initial RAM disk implementation (initrd) can be set up
+    using systemd as well. In this case, boot up inside the initrd
+    follows the following structure.</para>
+
+    <para>The default target in the initrd is
+    <filename>initrd.target</filename>. The bootup process begins
+    identical to the system manager bootup (see above) until it
+    reaches <filename>basic.target</filename>. From there, systemd
+    approaches the special target <filename>initrd.target</filename>.
+    If the root device can be mounted at
+    <filename>/sysroot</filename>, the
+    <filename>sysroot.mount</filename> unit becomes active and
+    <filename>initrd-root-fs.target</filename> is reached. The service
+    <filename>initrd-parse-etc.service</filename> scans
+    <filename>/sysroot/etc/fstab</filename> for a possible
+    <filename>/usr</filename> mount point and additional entries
+    marked with the <emphasis>x-initrd.mount</emphasis> option. All
+    entries found are mounted below <filename>/sysroot</filename>, and
+    <filename>initrd-fs.target</filename> is reached. The service
+    <filename>initrd-cleanup.service</filename> isolates to the
+    <filename>initrd-switch-root.target</filename>, where cleanup
+    services can run. As the very last step, the
+    <filename>initrd-switch-root.service</filename> is activated,
+    which will cause the system to switch its root to
+    <filename>/sysroot</filename>.
+    </para>
+
+<programlisting>                 : (beginning identical to above)
+                 :
+                 v
+           basic.target
+                 |         emergency.service
+      ______________________/|           |
+           /           |           v
+           |      sysroot.mount        <emphasis>emergency.target</emphasis>
+           |           |
+           |           v
+           |       initrd-root-fs.target
+           |           |
+           |           v
+           v      initrd-parse-etc.service
+    (custom initrd     |
+     services...)      v
+           |      (sysroot-usr.mount and
+           |       various mounts marked
+           |         with fstab option
+           |        x-initrd.mount...)
+           |           |
+           |           v
+           |    initrd-fs.target
+           \______________________ |
+                \|
+                 v
+            initrd.target
+                 |
+                 v
+             initrd-cleanup.service
+            isolates to
+            initrd-switch-root.target
+                 |
+                 v
+      ______________________/|
+           /           v
+           |  initrd-udevadm-cleanup-db.service
+           v           |
+    (custom initrd     |
+     services...)      |
+           \______________________ |
+                \|
+                 v
+           initrd-switch-root.target
+                 |
+                 v
+           initrd-switch-root.service
+                 |
+                 v
+             Transition to Host OS</programlisting>
+  </refsect1>
+
+
+  <refsect1>
+    <title>System Manager Shutdown</title>
+
+    <para>System shutdown with systemd also consists of various target
+    units with some minimal ordering structure applied:</para>
+
+<programlisting>          (conflicts with  (conflicts with
+            all system     all file system
+             services)     mounts, swaps,
+           |     cryptsetup
+           |    devices, ...)
+           |    |
+           v    v
+          shutdown.target    umount.target
+           |    |
+           \_______   ______/
+             \ /
+              v
+           (various low-level
+                services)
+              |
+              v
+              final.target
+              |
+      _____________________________________/ \_________________________________
+     /       |      |          \
+     |       |      |          |
+     v       v      v          v
 systemd-reboot.service   systemd-poweroff.service   systemd-halt.service   systemd-kexec.service
-           |                         |                        |                      |
-           v                         v                        v                      v
-    <emphasis>reboot.target</emphasis>             <emphasis>poweroff.target</emphasis>            <emphasis>halt.target</emphasis>           <emphasis>kexec.target</emphasis></programlisting>
-
-                <para>Commonly used system shutdown targets are <emphasis>emphasized</emphasis>.</para>
-        </refsect1>
-
-        <refsect1>
-                <title>See Also</title>
-                <para>
-                        <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
-                        <citerefentry project='man-pages'><refentrytitle>boot</refentrytitle><manvolnum>7</manvolnum></citerefentry>,
-                        <citerefentry><refentrytitle>systemd.special</refentrytitle><manvolnum>7</manvolnum></citerefentry>,
-                        <citerefentry><refentrytitle>systemd.target</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
-                        <citerefentry project='die-net'><refentrytitle>dracut</refentrytitle><manvolnum>8</manvolnum></citerefentry>
-                </para>
-        </refsect1>
+     |       |      |          |
+     v       v      v          v
+    <emphasis>reboot.target</emphasis>       <emphasis>poweroff.target</emphasis>      <emphasis>halt.target</emphasis>     <emphasis>kexec.target</emphasis></programlisting>
+
+    <para>Commonly used system shutdown targets are
+    <emphasis>emphasized</emphasis>.</para>
+  </refsect1>
+
+  <refsect1>
+    <title>See Also</title>
+    <para>
+      <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
+      <citerefentry project='man-pages'><refentrytitle>boot</refentrytitle><manvolnum>7</manvolnum></citerefentry>,
+      <citerefentry><refentrytitle>systemd.special</refentrytitle><manvolnum>7</manvolnum></citerefentry>,
+      <citerefentry><refentrytitle>systemd.target</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
+      <citerefentry project='die-net'><refentrytitle>dracut</refentrytitle><manvolnum>8</manvolnum></citerefentry>
+    </para>
+  </refsect1>
 
 </refentry>
index 929af19..efbc655 100644 (file)
@@ -1,6 +1,6 @@
 <?xml version='1.0'?> <!--*-nxml-*-->
 <!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
-        "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
+  "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
 
 <!--
   This file is part of systemd.
 -->
 
 <refentry id="coredumpctl" conditional='ENABLE_COREDUMP'
-          xmlns:xi="http://www.w3.org/2001/XInclude">
-
-        <refentryinfo>
-                <title>coredumpctl</title>
-                <productname>systemd</productname>
-
-                <authorgroup>
-                        <author>
-                                <contrib>Developer</contrib>
-                                <firstname>Zbigniew</firstname>
-                                <surname>Jędrzejewski-Szmek</surname>
-                                <email>zbyszek@in.waw.pl</email>
-                        </author>
-                </authorgroup>
-        </refentryinfo>
-
-        <refmeta>
-                <refentrytitle>coredumpctl</refentrytitle>
-                <manvolnum>1</manvolnum>
-        </refmeta>
-
-        <refnamediv>
-                <refname>coredumpctl</refname>
-                <refpurpose>Retrieve coredumps from the journal</refpurpose>
-        </refnamediv>
-
-        <refsynopsisdiv>
-                <cmdsynopsis>
-                        <command>coredumpctl</command>
-                        <arg choice="opt" rep="repeat">OPTIONS</arg>
-                        <arg choice="req">COMMAND</arg>
-                        <arg choice="opt" rep="repeat">PID|COMM|EXE|MATCH</arg>
-                </cmdsynopsis>
-        </refsynopsisdiv>
-
-        <refsect1>
-                <title>Description</title>
-
-                <para><command>coredumpctl</command> may be used to
-                retrieve coredumps from
-                <citerefentry><refentrytitle>systemd-journald</refentrytitle><manvolnum>8</manvolnum></citerefentry>.</para>
-        </refsect1>
-
-        <refsect1>
-                <title>Options</title>
-
-                <para>The following options are understood:</para>
-
-                <variablelist>
-                        <varlistentry>
-                                <term><option>--no-legend</option></term>
-
-                                <listitem><para>Do not print column headers.
-                                </para></listitem>
-                        </varlistentry>
-
-                        <varlistentry>
-                                <term><option>-1</option></term>
-
-                                <listitem><para>Show information of a
-                                single coredump only, instead of
-                                listing all known coredumps.
-                                </para></listitem>
-                        </varlistentry>
-
-                        <varlistentry>
-                                <term><option>-F</option></term>
-                                <term><option>--field=</option></term>
-
-                                <listitem><para>Print all possible
-                                data values the specified field
-                                takes in matching coredump entries of the
-                                journal.</para></listitem>
-                        </varlistentry>
-
-                        <varlistentry>
-                                <term><option>-o</option></term>
-                                <term><option>--output=FILE</option></term>
-
-                                <listitem><para>Write the core to
-                                <option>FILE</option>.</para></listitem>
-                        </varlistentry>
-
-                        <xi:include href="standard-options.xml" xpointer="help" />
-                        <xi:include href="standard-options.xml" xpointer="version" />
-                        <xi:include href="standard-options.xml" xpointer="no-pager" />
-
-                </variablelist>
-
-                <para>The following commands are understood:</para>
-
-                <variablelist>
-                        <varlistentry>
-                                <term><command>list</command></term>
-
-                                <listitem><para>List coredumps
-                                captured in the journal matching
-                                specified characteristics. If no
-                                command is specified, this is the
-                                implied default.</para></listitem>
-                        </varlistentry>
-
-                        <varlistentry>
-                                <term><command>info</command></term>
-
-                                <listitem><para>Show detailed
-                                information about coredumps captured
-                                in the journal.</para></listitem>
-                        </varlistentry>
-
-                        <varlistentry>
-                                <term><command>dump</command></term>
-
-                                <listitem><para>Extract the last coredump
-                                matching specified characteristics.
-                                The coredump will be written on standard output,
-                                unless an output file is specified with
-                                <option>-o/--output</option>.
-                                </para></listitem>
-                        </varlistentry>
-
-                        <varlistentry>
-                                <term><command>gdb</command></term>
-
-                                <listitem><para>Invoke the GNU
-                                debugger on the last coredump matching
-                                specified characteristics.
-                                </para></listitem>
-                        </varlistentry>
-
-                </variablelist>
-
-        </refsect1>
-
-        <refsect1>
-                <title>Matching</title>
-
-                <para>A match can be:</para>
-
-                <variablelist>
-                        <varlistentry>
-                                <term><replaceable>PID</replaceable></term>
-
-                                <listitem><para>Process ID of the
-                                process that dumped
-                                core. An integer.</para></listitem>
-                        </varlistentry>
-
-                        <varlistentry>
-                                <term><replaceable>COMM</replaceable></term>
-
-                                <listitem><para>Name of the executable
-                                (matches <option>COREDUMP_COMM=</option>).
-                                Must not contain slashes.
-                                </para></listitem>
-                        </varlistentry>
-
-                        <varlistentry>
-                                <term><replaceable>EXE</replaceable></term>
-
-                                <listitem><para>Path to the executable
-                                (matches <option>COREDUMP_EXE=</option>).
-                                Must contain at least one slash.
-                                </para></listitem>
-                        </varlistentry>
-
-                        <varlistentry>
-                                <term><replaceable>MATCH</replaceable></term>
-
-                                <listitem><para>General journalctl predicates
-                                (see <citerefentry><refentrytitle>journalctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>).
-                                Must contain an equal sign.
-                                </para></listitem>
-                        </varlistentry>
-                </variablelist>
-        </refsect1>
-
-        <refsect1>
-                <title>Exit status</title>
-                <para>On success, 0 is returned; otherwise, a non-zero failure
-                code is returned. Not finding any matching coredumps is treated
-                as failure.
-                </para>
-        </refsect1>
-
-        <refsect1>
-                <title>Examples</title>
-
-                <example>
-                        <title>List all the coredumps of a program named foo</title>
-
-                        <programlisting># coredumpctl list foo</programlisting>
-                </example>
-
-                <example>
-                        <title>Invoke gdb on the last coredump</title>
-
-                        <programlisting># coredumpctl gdb</programlisting>
-                </example>
-
-                <example>
-                        <title>Show information about a process that dumped core, matching by its PID 6654</title>
-
-                        <programlisting># coredumpctl info 6654</programlisting>
-                </example>
-
-                <example>
-                        <title>Extract the last coredump of /usr/bin/bar to a file named bar.coredump</title>
-
-                        <programlisting># coredumpctl -o bar.coredump dump /usr/bin/bar</programlisting>
-                </example>
-        </refsect1>
-
-        <refsect1>
-                <title>See Also</title>
-                <para>
-                        <citerefentry><refentrytitle>systemd-coredump</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
-                        <citerefentry><refentrytitle>coredump.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
-                        <citerefentry><refentrytitle>systemd-journald.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
-                        <citerefentry project='man-pages'><refentrytitle>gdb</refentrytitle><manvolnum>1</manvolnum></citerefentry>
-                </para>
-        </refsect1>
+    xmlns:xi="http://www.w3.org/2001/XInclude">
+
+  <refentryinfo>
+    <title>coredumpctl</title>
+    <productname>systemd</productname>
+
+    <authorgroup>
+      <author>
+        <contrib>Developer</contrib>
+        <firstname>Zbigniew</firstname>
+        <surname>Jędrzejewski-Szmek</surname>
+        <email>zbyszek@in.waw.pl</email>
+      </author>
+    </authorgroup>
+  </refentryinfo>
+
+  <refmeta>
+    <refentrytitle>coredumpctl</refentrytitle>
+    <manvolnum>1</manvolnum>
+  </refmeta>
+
+  <refnamediv>
+    <refname>coredumpctl</refname>
+    <refpurpose>Retrieve coredumps from the journal</refpurpose>
+  </refnamediv>
+
+  <refsynopsisdiv>
+    <cmdsynopsis>
+      <command>coredumpctl</command>
+      <arg choice="opt" rep="repeat">OPTIONS</arg>
+      <arg choice="req">COMMAND</arg>
+      <arg choice="opt" rep="repeat">PID|COMM|EXE|MATCH</arg>
+    </cmdsynopsis>
+  </refsynopsisdiv>
+
+  <refsect1>
+    <title>Description</title>
+
+    <para><command>coredumpctl</command> may be used to
+    retrieve coredumps from
+    <citerefentry><refentrytitle>systemd-journald</refentrytitle><manvolnum>8</manvolnum></citerefentry>.</para>
+  </refsect1>
+
+  <refsect1>
+    <title>Options</title>
+
+    <para>The following options are understood:</para>
+
+    <variablelist>
+      <varlistentry>
+        <term><option>--no-legend</option></term>
+
+        <listitem><para>Do not print column headers.
+        </para></listitem>
+      </varlistentry>
+
+      <varlistentry>
+        <term><option>-1</option></term>
+
+        <listitem><para>Show information of a single coredump only,
+        instead of listing all known coredumps. </para></listitem>
+      </varlistentry>
+
+      <varlistentry>
+        <term><option>-F</option></term>
+        <term><option>--field=</option></term>
+
+        <listitem><para>Print all possible data values the specified
+        field takes in matching coredump entries of the
+        journal.</para></listitem>
+      </varlistentry>
+
+      <varlistentry>
+        <term><option>-o</option></term>
+        <term><option>--output=FILE</option></term>
+
+        <listitem><para>Write the core to <option>FILE</option>.
+        </para></listitem>
+      </varlistentry>
+
+      <xi:include href="standard-options.xml" xpointer="help" />
+      <xi:include href="standard-options.xml" xpointer="version" />
+      <xi:include href="standard-options.xml" xpointer="no-pager" />
+
+    </variablelist>
+
+    <para>The following commands are understood:</para>
+
+    <variablelist>
+      <varlistentry>
+        <term><command>list</command></term>
+
+        <listitem><para>List coredumps captured in the journal
+        matching specified characteristics. If no command is
+        specified, this is the implied default.</para></listitem>
+      </varlistentry>
+
+      <varlistentry>
+        <term><command>info</command></term>
+
+        <listitem><para>Show detailed information about coredumps
+        captured in the journal.</para></listitem>
+      </varlistentry>
+
+      <varlistentry>
+        <term><command>dump</command></term>
+
+        <listitem><para>Extract the last coredump matching specified
+        characteristics. The coredump will be written on standard
+        output, unless an output file is specified with
+        <option>-o/--output</option>. </para></listitem>
+      </varlistentry>
+
+      <varlistentry>
+        <term><command>gdb</command></term>
+
+        <listitem><para>Invoke the GNU debugger on the last coredump
+        matching specified characteristics. </para></listitem>
+      </varlistentry>
+
+    </variablelist>
+
+  </refsect1>
+
+  <refsect1>
+    <title>Matching</title>
+
+    <para>A match can be:</para>
+
+    <variablelist>
+      <varlistentry>
+        <term><replaceable>PID</replaceable></term>
+
+        <listitem><para>Process ID of the
+        process that dumped
+        core. An integer.</para></listitem>
+      </varlistentry>
+
+      <varlistentry>
+        <term><replaceable>COMM</replaceable></term>
+
+        <listitem><para>Name of the executable (matches
+        <option>COREDUMP_COMM=</option>). Must not contain slashes.
+        </para></listitem>
+      </varlistentry>
+
+      <varlistentry>
+        <term><replaceable>EXE</replaceable></term>
+
+        <listitem><para>Path to the executable (matches
+        <option>COREDUMP_EXE=</option>). Must contain at least one
+        slash. </para></listitem>
+      </varlistentry>
+
+      <varlistentry>
+        <term><replaceable>MATCH</replaceable></term>
+
+        <listitem><para>General journalctl predicates (see
+        <citerefentry><refentrytitle>journalctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>).
+        Must contain an equal sign. </para></listitem>
+      </varlistentry>
+    </variablelist>
+  </refsect1>
+
+  <refsect1>
+    <title>Exit status</title>
+    <para>On success, 0 is returned; otherwise, a non-zero failure
+    code is returned. Not finding any matching coredumps is treated as
+    failure.
+    </para>
+  </refsect1>
+
+  <refsect1>
+    <title>Examples</title>
+
+    <example>
+      <title>List all the coredumps of a program named foo</title>
+
+      <programlisting># coredumpctl list foo</programlisting>
+    </example>
+
+    <example>
+      <title>Invoke gdb on the last coredump</title>
+
+      <programlisting># coredumpctl gdb</programlisting>
+    </example>
+
+    <example>
+      <title>Show information about a process that dumped core,
+      matching by its PID 6654</title>
+
+      <programlisting># coredumpctl info 6654</programlisting>
+    </example>
+
+    <example>
+      <title>Extract the last coredump of /usr/bin/bar to a file named
+      <filename noindex="true">bar.coredump</filename></title>
+
+      <programlisting># coredumpctl -o bar.coredump dump /usr/bin/bar</programlisting>
+    </example>
+  </refsect1>
+
+  <refsect1>
+    <title>See Also</title>
+    <para>
+      <citerefentry><refentrytitle>systemd-coredump</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
+      <citerefentry><refentrytitle>coredump.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
+      <citerefentry><refentrytitle>systemd-journald.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
+      <citerefentry project='man-pages'><refentrytitle>gdb</refentrytitle><manvolnum>1</manvolnum></citerefentry>
+    </para>
+  </refsect1>
 
 </refentry>
index 1a1002e..aeacc57 100644 (file)
 -->
 <refentry id="crypttab" conditional='HAVE_LIBCRYPTSETUP'>
 
-        <refentryinfo>
-                <title>crypttab</title>
-                <productname>systemd</productname>
-
-                <authorgroup>
-                        <author>
-                                <contrib>Documentation</contrib>
-                                <firstname>Miloslav</firstname>
-                                <surname>Trmac</surname>
-                                <email>mitr@redhat.com</email>
-                        </author>
-                        <author>
-                                <contrib>Documentation</contrib>
-                                <firstname>Lennart</firstname>
-                                <surname>Poettering</surname>
-                                <email>lennart@poettering.net</email>
-                        </author>
-                </authorgroup>
-        </refentryinfo>
-
-        <refmeta>
-                <refentrytitle>crypttab</refentrytitle>
-                <manvolnum>5</manvolnum>
-        </refmeta>
-
-        <refnamediv>
-                <refname>crypttab</refname>
-                <refpurpose>Configuration for encrypted block devices</refpurpose>
-        </refnamediv>
-
-        <refsynopsisdiv>
-                <para><filename>/etc/crypttab</filename></para>
-        </refsynopsisdiv>
-
-        <refsect1>
-                <title>Description</title>
-
-                <para>The <filename>/etc/crypttab</filename> file
-                describes encrypted block devices that are set up
-                during system boot.</para>
-
-                <para>Empty lines and lines starting with the <literal>#</literal>
-                character are ignored.  Each of the remaining lines
-                describes one encrypted block device, fields on the
-                line are delimited by white space.  The first two
-                fields are mandatory, the remaining two are
-                optional.</para>
-
-                <para>Setting up encrypted block devices using this file
-                supports three encryption modes: LUKS, TrueCrypt and plain.
-                See <citerefentry><refentrytitle>cryptsetup</refentrytitle><manvolnum>8</manvolnum></citerefentry>
-                for more information about each mode. When no mode is specified
-                in the options field and the block device contains a LUKS
-                signature, it is opened as a LUKS device; otherwise, it is
-                assumed to be in raw dm-crypt (plain mode) format.</para>
-
-                <para>The first field contains the name of the
-                resulting encrypted block device; the device is set up
-                within <filename>/dev/mapper/</filename>.</para>
-
-                <para>The second field contains a path to the
-                underlying block device or file, or a specification of a block
-                device via <literal>UUID=</literal> followed by the
-                UUID.</para>
-
-                <para>The third field specifies the encryption
-                password.  If the field is not present or the password
-                is set to <literal>none</literal> or <literal>-</literal>,
-                the password has to be manually entered during system boot.
-                Otherwise, the field is interpreted as a absolute path to
-                a file containing the encryption password. For swap encryption,
-                <filename>/dev/urandom</filename> or the hardware
-                device <filename>/dev/hw_random</filename> can be used
-                as the password file; using
-                <filename>/dev/random</filename> may prevent boot
-                completion if the system does not have enough entropy
-                to generate a truly random encryption key.</para>
-
-                <para>The fourth field, if present, is a
-                comma-delimited list of options.  The following
-                options are recognized:</para>
-
-                <variablelist class='fstab-options'>
-
-                        <varlistentry>
-                                <term><option>discard</option></term>
-
-                                <listitem><para>Allow discard requests to be
-                                passed through the encrypted block device. This
-                                improves performance on SSD storage but has
-                                security implications.</para></listitem>
-                        </varlistentry>
-
-                        <varlistentry>
-                                <term><option>cipher=</option></term>
-
-                                <listitem><para>Specifies the cipher to use. See
-                                <citerefentry><refentrytitle>cryptsetup</refentrytitle><manvolnum>8</manvolnum></citerefentry>
-                                for possible values and the default value of
-                                this option. A cipher with unpredictable IV
-                                values, such as <literal>aes-cbc-essiv:sha256</literal>,
-                                is recommended.</para></listitem>
-                        </varlistentry>
-
-                        <varlistentry>
-                                <term><option>hash=</option></term>
-
-                                <listitem><para>Specifies the hash to use for
-                                password hashing. See
-                                <citerefentry><refentrytitle>cryptsetup</refentrytitle><manvolnum>8</manvolnum></citerefentry>
-                                for possible values and the default value of
-                                this option.</para></listitem>
-                        </varlistentry>
-
-                        <varlistentry>
-                                <term><option>header=</option></term>
-
-                                <listitem><para>Use a detached (separated)
-                                metadata device or file where the LUKS header
-                                is stored. This option is only relevant for
-                                LUKS devices. See
-                                <citerefentry><refentrytitle>cryptsetup</refentrytitle><manvolnum>8</manvolnum></citerefentry>
-                                for possible values and the default value of
-                                this option.</para></listitem>
-                        </varlistentry>
-
-                        <varlistentry>
-                                <term><option>keyfile-offset=</option></term>
-
-                                <listitem><para>Specifies the number of bytes to
-                                skip at the start of the key file. See
-                                <citerefentry><refentrytitle>cryptsetup</refentrytitle><manvolnum>8</manvolnum></citerefentry>
-                                for possible values and the default value of
-                                this option.</para></listitem>
-                        </varlistentry>
-
-                        <varlistentry>
-                                <term><option>keyfile-size=</option></term>
-
-                                <listitem><para>Specifies the maximum number
-                                of bytes to read from the key file. See
-                                <citerefentry><refentrytitle>cryptsetup</refentrytitle><manvolnum>8</manvolnum></citerefentry>
-                                for possible values and the default value of
-                                this option. This option is ignored in plain
-                                encryption mode, as the key file size is then
-                                given by the key size.</para></listitem>
-                        </varlistentry>
-
-                        <varlistentry>
-                                <term><option>key-slot=</option></term>
-
-                                <listitem><para>Specifies the key slot to
-                                compare the passphrase or key against.
-                                If the key slot does not match the given
-                                passphrase or key, but another would, the
-                                setup of the device will fail regardless.
-                                This option implies <option>luks</option>. See
-                                <citerefentry><refentrytitle>cryptsetup</refentrytitle><manvolnum>8</manvolnum></citerefentry>
-                                for possible values. The default is to try
-                                all key slots in sequential order.</para></listitem>
-                        </varlistentry>
-
-                        <varlistentry>
-                                <term><option>luks</option></term>
-
-                                <listitem><para>Force LUKS mode. When this mode
-                                is used, the following options are ignored since
-                                they are provided by the LUKS header on the
-                                device: <option>cipher=</option>,
-                                <option>hash=</option>,
-                                <option>size=</option>.</para></listitem>
-                        </varlistentry>
-
-                        <varlistentry>
-                                <term><option>noauto</option></term>
-
-                                <listitem><para>This device will not be
-                                automatically unlocked on boot.</para></listitem>
-                        </varlistentry>
-
-                        <varlistentry>
-                                <term><option>nofail</option></term>
-
-                                <listitem><para>The system will not wait for the
-                                device to show up and be unlocked at boot, and
-                                not fail the boot if it does not show up.</para></listitem>
-                        </varlistentry>
-
-                        <varlistentry>
-                                <term><option>plain</option></term>
-
-                                <listitem><para>Force plain encryption mode.</para></listitem>
-                        </varlistentry>
-
-                        <varlistentry>
-                                <term><option>read-only</option></term><term><option>readonly</option></term>
-
-                                <listitem><para>Set up the encrypted block
-                                device in read-only mode.</para></listitem>
-                        </varlistentry>
-
-                        <varlistentry>
-                                <term><option>size=</option></term>
-
-                                <listitem><para>Specifies the key size
-                                in bits. See
-                                <citerefentry><refentrytitle>cryptsetup</refentrytitle><manvolnum>8</manvolnum></citerefentry>
-                                for possible values and the default value of
-                                this option.</para></listitem>
-                        </varlistentry>
-
-                        <varlistentry>
-                                <term><option>swap</option></term>
-
-                                <listitem><para>The encrypted block device will
-                                be used as a swap device, and will be formatted
-                                accordingly after setting up the encrypted
-                                block device, with
-                                <citerefentry project='man-pages'><refentrytitle>mkswap</refentrytitle><manvolnum>8</manvolnum></citerefentry>.
-                                This option implies <option>plain</option>.</para>
-
-                                <para>WARNING: Using the <option>swap</option>
-                                option will destroy the contents of the named
-                                partition during every boot, so make sure the
-                                underlying block device is specified correctly.</para></listitem>
-                        </varlistentry>
-
-                        <varlistentry>
-                                <term><option>tcrypt</option></term>
-
-                                <listitem><para>Use TrueCrypt encryption mode.
-                                When this mode is used, the following options are
-                                ignored since they are provided by the TrueCrypt
-                                header on the device or do not apply:
-                                <option>cipher=</option>,
-                                <option>hash=</option>,
-                                <option>keyfile-offset=</option>,
-                                <option>keyfile-size=</option>,
-                                <option>size=</option>.</para>
-
-                                <para>When this mode is used, the passphrase is
-                                read from the key file given in the third field.
-                                Only the first line of this file is read,
-                                excluding the new line character.</para>
-
-                                <para>Note that the TrueCrypt format uses both
-                                passphrase and key files to derive a password
-                                for the volume. Therefore, the passphrase and
-                                all key files need to be provided. Use
-                                <option>tcrypt-keyfile=</option> to provide
-                                the absolute path to all key files. When using
-                                an empty passphrase in combination with one or
-                                more key files, use <literal>/dev/null</literal>
-                                as the password file in the third field.</para></listitem>
-                        </varlistentry>
-
-                        <varlistentry>
-                                <term><option>tcrypt-hidden</option></term>
-
-                                <listitem><para>Use the hidden TrueCrypt volume.
-                                This option implies <option>tcrypt</option>.</para>
-
-                                <para>This will map the hidden volume that is
-                                inside of the volume provided in the second
-                                field. Please note that there is no protection
-                                for the hidden volume if the outer volume is
-                                mounted instead. See
-                                <citerefentry><refentrytitle>cryptsetup</refentrytitle><manvolnum>8</manvolnum></citerefentry>
-                                for more information on this limitation.</para></listitem>
-                        </varlistentry>
-
-                        <varlistentry>
-                                <term><option>tcrypt-keyfile=</option></term>
-
-                                <listitem><para>Specifies the absolute path to a
-                                key file to use for a TrueCrypt volume. This
-                                implies <option>tcrypt</option> and can be
-                                used more than once to provide several key
-                                files.</para>
-
-                                <para>See the entry for <option>tcrypt</option>
-                                on the behavior of the passphrase and key files
-                                when using TrueCrypt encryption mode.</para></listitem>
-                        </varlistentry>
-
-                        <varlistentry>
-                                <term><option>tcrypt-system</option></term>
-
-                                <listitem><para>Use TrueCrypt in system
-                                encryption mode. This option implies
-                                <option>tcrypt</option>.</para></listitem>
-                        </varlistentry>
-
-                        <varlistentry>
-                                <term><option>timeout=</option></term>
-
-                                <listitem><para>Specifies the timeout for
-                                querying for a password. If no unit is
-                                specified, seconds is used. Supported units are
-                                s, ms, us, min, h, d. A timeout of 0 waits
-                                indefinitely (which is the default).</para></listitem>
-                        </varlistentry>
-
-                        <varlistentry>
-                                <term><option>x-systemd.device-timeout=</option></term>
-
-                                <listitem><para>Specifies how long
-                                systemd should wait for a device to
-                                show up before giving up on the
-                                entry. The argument is a time in
-                                seconds or explicitly specified
-                                units of <literal>s</literal>,
-                                <literal>min</literal>,
-                                <literal>h</literal>,
-                                <literal>ms</literal>.
-                                </para></listitem>
-                        </varlistentry>
-
-                        <varlistentry>
-                                <term><option>tmp</option></term>
-
-                                <listitem><para>The encrypted block device will
-                                be prepared for using it as <filename>/tmp</filename>;
-                                it will be formatted using
-                                <citerefentry project='man-pages'><refentrytitle>mke2fs</refentrytitle><manvolnum>8</manvolnum></citerefentry>.
-                                This option implies <option>plain</option>.</para>
-
-                                <para>WARNING: Using the <option>tmp</option>
-                                option will destroy the contents of the named
-                                partition during every boot, so make sure the
-                                underlying block device is specified correctly.</para></listitem>
-                        </varlistentry>
-
-                        <varlistentry>
-                                <term><option>tries=</option></term>
-
-                                <listitem><para>Specifies the maximum number of
-                                times the user is queried for a password.
-                                The default is 3. If set to 0, the user is
-                                queried for a password indefinitely.</para></listitem>
-                        </varlistentry>
-
-                        <varlistentry>
-                                <term><option>verify</option></term>
-
-                                <listitem><para> If the encryption password is
-                                read from console, it has to be entered twice to
-                                prevent typos.</para></listitem>
-                        </varlistentry>
-
-                </variablelist>
-
-                <para>At early boot and when the system manager
-                configuration is reloaded, this file is translated into
-                native systemd units
-                by <citerefentry><refentrytitle>systemd-cryptsetup-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry>.</para>
-        </refsect1>
-
-        <refsect1>
-                <title>Example</title>
-                <example>
-                        <title>/etc/crypttab example</title>
-                        <para>Set up four encrypted block devices. One using
-                        LUKS for normal storage, another one for usage as a swap
-                        device and two TrueCrypt volumes.</para>
-
-                        <programlisting>luks       UUID=2505567a-9e27-4efe-a4d5-15ad146c258b
-swap       /dev/sda7       /dev/urandom             swap
+  <refentryinfo>
+    <title>crypttab</title>
+    <productname>systemd</productname>
+
+    <authorgroup>
+      <author>
+        <contrib>Documentation</contrib>
+        <firstname>Miloslav</firstname>
+        <surname>Trmac</surname>
+        <email>mitr@redhat.com</email>
+      </author>
+      <author>
+        <contrib>Documentation</contrib>
+        <firstname>Lennart</firstname>
+        <surname>Poettering</surname>
+        <email>lennart@poettering.net</email>
+      </author>
+    </authorgroup>
+  </refentryinfo>
+
+  <refmeta>
+    <refentrytitle>crypttab</refentrytitle>
+    <manvolnum>5</manvolnum>
+  </refmeta>
+
+  <refnamediv>
+    <refname>crypttab</refname>
+    <refpurpose>Configuration for encrypted block devices</refpurpose>
+  </refnamediv>
+
+  <refsynopsisdiv>
+    <para><filename>/etc/crypttab</filename></para>
+  </refsynopsisdiv>
+
+  <refsect1>
+    <title>Description</title>
+
+    <para>The <filename>/etc/crypttab</filename> file describes
+    encrypted block devices that are set up during system boot.</para>
+
+    <para>Empty lines and lines starting with the <literal>#</literal>
+    character are ignored. Each of the remaining lines describes one
+    encrypted block device, fields on the line are delimited by white
+    space. The first two fields are mandatory, the remaining two are
+    optional.</para>
+
+    <para>Setting up encrypted block devices using this file supports
+    three encryption modes: LUKS, TrueCrypt and plain. See
+    <citerefentry><refentrytitle>cryptsetup</refentrytitle><manvolnum>8</manvolnum></citerefentry>
+    for more information about each mode. When no mode is specified in
+    the options field and the block device contains a LUKS signature,
+    it is opened as a LUKS device; otherwise, it is assumed to be in
+    raw dm-crypt (plain mode) format.</para>
+
+    <para>The first field contains the name of the resulting encrypted
+    block device; the device is set up within
+    <filename>/dev/mapper/</filename>.</para>
+
+    <para>The second field contains a path to the underlying block
+    device or file, or a specification of a block device via
+    <literal>UUID=</literal> followed by the UUID.</para>
+
+    <para>The third field specifies the encryption password. If the
+    field is not present or the password is set to
+    <literal>none</literal> or <literal>-</literal>, the password has
+    to be manually entered during system boot. Otherwise, the field is
+    interpreted as a absolute path to a file containing the encryption
+    password. For swap encryption, <filename>/dev/urandom</filename>
+    or the hardware device <filename>/dev/hw_random</filename> can be
+    used as the password file; using <filename>/dev/random</filename>
+    may prevent boot completion if the system does not have enough
+    entropy to generate a truly random encryption key.</para>
+
+    <para>The fourth field, if present, is a comma-delimited list of
+    options. The following options are recognized:</para>
+
+    <variablelist class='fstab-options'>
+
+      <varlistentry>
+        <term><option>discard</option></term>
+
+        <listitem><para>Allow discard requests to be passed through
+        the encrypted block device. This improves performance on SSD
+        storage but has security implications.</para></listitem>
+      </varlistentry>
+
+      <varlistentry>
+        <term><option>cipher=</option></term>
+
+        <listitem><para>Specifies the cipher to use. See
+        <citerefentry><refentrytitle>cryptsetup</refentrytitle><manvolnum>8</manvolnum></citerefentry>
+        for possible values and the default value of this option. A
+        cipher with unpredictable IV values, such as
+        <literal>aes-cbc-essiv:sha256</literal>, is
+        recommended.</para></listitem>
+      </varlistentry>
+
+      <varlistentry>
+        <term><option>hash=</option></term>
+
+        <listitem><para>Specifies the hash to use for password
+        hashing. See
+        <citerefentry><refentrytitle>cryptsetup</refentrytitle><manvolnum>8</manvolnum></citerefentry>
+        for possible values and the default value of this
+        option.</para></listitem>
+      </varlistentry>
+
+      <varlistentry>
+        <term><option>header=</option></term>
+
+        <listitem><para>Use a detached (separated) metadata device or
+        file where the LUKS header is stored. This option is only
+        relevant for LUKS devices. See
+        <citerefentry><refentrytitle>cryptsetup</refentrytitle><manvolnum>8</manvolnum></citerefentry>
+        for possible values and the default value of this
+        option.</para></listitem>
+      </varlistentry>
+
+      <varlistentry>
+        <term><option>keyfile-offset=</option></term>
+
+        <listitem><para>Specifies the number of bytes to skip at the
+        start of the key file. See
+        <citerefentry><refentrytitle>cryptsetup</refentrytitle><manvolnum>8</manvolnum></citerefentry>
+        for possible values and the default value of this
+        option.</para></listitem>
+      </varlistentry>
+
+      <varlistentry>
+        <term><option>keyfile-size=</option></term>
+
+        <listitem><para>Specifies the maximum number of bytes to read
+        from the key file. See
+        <citerefentry><refentrytitle>cryptsetup</refentrytitle><manvolnum>8</manvolnum></citerefentry>
+        for possible values and the default value of this option. This
+        option is ignored in plain encryption mode, as the key file
+        size is then given by the key size.</para></listitem>
+      </varlistentry>
+
+      <varlistentry>
+        <term><option>key-slot=</option></term>
+
+        <listitem><para>Specifies the key slot to compare the
+        passphrase or key against. If the key slot does not match the
+        given passphrase or key, but another would, the setup of the
+        device will fail regardless. This option implies
+        <option>luks</option>. See
+        <citerefentry><refentrytitle>cryptsetup</refentrytitle><manvolnum>8</manvolnum></citerefentry>
+        for possible values. The default is to try all key slots in
+        sequential order.</para></listitem>
+      </varlistentry>
+
+      <varlistentry>
+        <term><option>luks</option></term>
+
+        <listitem><para>Force LUKS mode. When this mode is used, the
+        following options are ignored since they are provided by the
+        LUKS header on the device: <option>cipher=</option>,
+        <option>hash=</option>,
+        <option>size=</option>.</para></listitem>
+      </varlistentry>
+
+      <varlistentry>
+        <term><option>noauto</option></term>
+
+        <listitem><para>This device will not be automatically unlocked
+        on boot.</para></listitem>
+      </varlistentry>
+
+      <varlistentry>
+        <term><option>nofail</option></term>
+
+        <listitem><para>The system will not wait for the device to
+        show up and be unlocked at boot, and not fail the boot if it
+        does not show up.</para></listitem>
+      </varlistentry>
+
+      <varlistentry>
+        <term><option>plain</option></term>
+
+        <listitem><para>Force plain encryption mode.</para></listitem>
+      </varlistentry>
+
+      <varlistentry>
+        <term><option>read-only</option></term><term><option>readonly</option></term>
+
+        <listitem><para>Set up the encrypted block device in read-only
+        mode.</para></listitem>
+      </varlistentry>
+
+      <varlistentry>
+        <term><option>size=</option></term>
+
+        <listitem><para>Specifies the key size in bits. See
+        <citerefentry><refentrytitle>cryptsetup</refentrytitle><manvolnum>8</manvolnum></citerefentry>
+        for possible values and the default value of this
+        option.</para></listitem>
+      </varlistentry>
+
+      <varlistentry>
+        <term><option>swap</option></term>
+
+        <listitem><para>The encrypted block device will be used as a
+        swap device, and will be formatted accordingly after setting
+        up the encrypted block device, with
+        <citerefentry project='man-pages'><refentrytitle>mkswap</refentrytitle><manvolnum>8</manvolnum></citerefentry>.
+        This option implies <option>plain</option>.</para>
+
+        <para>WARNING: Using the <option>swap</option> option will
+        destroy the contents of the named partition during every boot,
+        so make sure the underlying block device is specified
+        correctly.</para></listitem>
+      </varlistentry>
+
+      <varlistentry>
+        <term><option>tcrypt</option></term>
+
+        <listitem><para>Use TrueCrypt encryption mode. When this mode
+        is used, the following options are ignored since they are
+        provided by the TrueCrypt header on the device or do not
+        apply:
+        <option>cipher=</option>,
+        <option>hash=</option>,
+        <option>keyfile-offset=</option>,
+        <option>keyfile-size=</option>,
+        <option>size=</option>.</para>
+
+        <para>When this mode is used, the passphrase is read from the
+        key file given in the third field. Only the first line of this
+        file is read, excluding the new line character.</para>
+
+        <para>Note that the TrueCrypt format uses both passphrase and
+        key files to derive a password for the volume. Therefore, the
+        passphrase and all key files need to be provided. Use
+        <option>tcrypt-keyfile=</option> to provide the absolute path
+        to all key files. When using an empty passphrase in
+        combination with one or more key files, use
+        <literal>/dev/null</literal> as the password file in the third
+        field.</para></listitem>
+      </varlistentry>
+
+      <varlistentry>
+        <term><option>tcrypt-hidden</option></term>
+
+        <listitem><para>Use the hidden TrueCrypt volume. This option
+        implies <option>tcrypt</option>.</para>
+
+        <para>This will map the hidden volume that is inside of the
+        volume provided in the second field. Please note that there is
+        no protection for the hidden volume if the outer volume is
+        mounted instead. See
+        <citerefentry><refentrytitle>cryptsetup</refentrytitle><manvolnum>8</manvolnum></citerefentry>
+        for more information on this limitation.</para></listitem>
+      </varlistentry>
+
+      <varlistentry>
+        <term><option>tcrypt-keyfile=</option></term>
+
+        <listitem><para>Specifies the absolute path to a key file to
+        use for a TrueCrypt volume. This implies
+        <option>tcrypt</option> and can be used more than once to
+        provide several key files.</para>
+
+        <para>See the entry for <option>tcrypt</option> on the
+        behavior of the passphrase and key files when using TrueCrypt
+        encryption mode.</para></listitem>
+      </varlistentry>
+
+      <varlistentry>
+        <term><option>tcrypt-system</option></term>
+
+        <listitem><para>Use TrueCrypt in system encryption mode. This
+        option implies <option>tcrypt</option>.</para></listitem>
+      </varlistentry>
+
+      <varlistentry>
+        <term><option>timeout=</option></term>
+
+        <listitem><para>Specifies the timeout for querying for a
+        password. If no unit is specified, seconds is used. Supported
+        units are s, ms, us, min, h, d. A timeout of 0 waits
+        indefinitely (which is the default).</para></listitem>
+      </varlistentry>
+
+      <varlistentry>
+        <term><option>x-systemd.device-timeout=</option></term>
+
+        <listitem><para>Specifies how long systemd should wait for a
+        device to show up before giving up on the entry. The argument
+        is a time in seconds or explicitly specified units of
+        <literal>s</literal>,
+        <literal>min</literal>,
+        <literal>h</literal>,
+        <literal>ms</literal>.
+        </para></listitem>
+      </varlistentry>
+
+      <varlistentry>
+        <term><option>tmp</option></term>
+
+        <listitem><para>The encrypted block device will be prepared
+        for using it as <filename>/tmp</filename>; it will be
+        formatted using
+        <citerefentry project='man-pages'><refentrytitle>mke2fs</refentrytitle><manvolnum>8</manvolnum></citerefentry>.
+        This option implies <option>plain</option>.</para>
+
+        <para>WARNING: Using the <option>tmp</option> option will
+        destroy the contents of the named partition during every boot,
+        so make sure the underlying block device is specified
+        correctly.</para></listitem>
+      </varlistentry>
+
+      <varlistentry>
+        <term><option>tries=</option></term>
+
+        <listitem><para>Specifies the maximum number of times the user
+        is queried for a password. The default is 3. If set to 0, the
+        user is queried for a password indefinitely.</para></listitem>
+      </varlistentry>
+
+      <varlistentry>
+        <term><option>verify</option></term>
+
+        <listitem><para> If the encryption password is read from
+        console, it has to be entered twice to prevent
+        typos.</para></listitem>
+      </varlistentry>
+
+    </variablelist>
+
+    <para>At early boot and when the system manager configuration is
+    reloaded, this file is translated into native systemd units by
+    <citerefentry><refentrytitle>systemd-cryptsetup-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry>.</para>
+  </refsect1>
+
+  <refsect1>
+    <title>Example</title>
+    <example>
+      <title>/etc/crypttab example</title>
+      <para>Set up four encrypted block devices. One using LUKS for
+      normal storage, another one for usage as a swap device and two
+      TrueCrypt volumes.</para>
+
+      <programlisting>luks       UUID=2505567a-9e27-4efe-a4d5-15ad146c258b
+swap       /dev/sda7       /dev/urandom       swap
 truecrypt  /dev/sda2       /etc/container_password  tcrypt
-hidden     /mnt/tc_hidden  /dev/null                tcrypt-hidden,tcrypt-keyfile=/etc/keyfile</programlisting>
-                </example>
-        </refsect1>
-
-        <refsect1>
-                <title>See Also</title>
-                <para>
-                        <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
-                        <citerefentry><refentrytitle>systemd-cryptsetup@.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
-                        <citerefentry><refentrytitle>systemd-cryptsetup-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
-                        <citerefentry><refentrytitle>cryptsetup</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
-                        <citerefentry project='man-pages'><refentrytitle>mkswap</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
-                        <citerefentry project='man-pages'><refentrytitle>mke2fs</refentrytitle><manvolnum>8</manvolnum></citerefentry>
-                </para>
-        </refsect1>
+hidden     /mnt/tc_hidden  /dev/null    tcrypt-hidden,tcrypt-keyfile=/etc/keyfile</programlisting>
+    </example>
+  </refsect1>
+
+  <refsect1>
+    <title>See Also</title>
+    <para>
+      <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
+      <citerefentry><refentrytitle>systemd-cryptsetup@.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
+      <citerefentry><refentrytitle>systemd-cryptsetup-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
+      <citerefentry><refentrytitle>cryptsetup</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
+      <citerefentry project='man-pages'><refentrytitle>mkswap</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
+      <citerefentry project='man-pages'><refentrytitle>mke2fs</refentrytitle><manvolnum>8</manvolnum></citerefentry>
+    </para>
+  </refsect1>
 
 </refentry>
index 5d3a990..a8bbfc0 100644 (file)
@@ -1,6 +1,6 @@
 <?xml version='1.0'?> <!--*-nxml-*-->
 <!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
-        "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
+  "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
 
 <!--
   This file is part of systemd.
 
 <refentry id="daemon">
 
-        <refentryinfo>
-                <title>daemon</title>
-                <productname>systemd</productname>
-
-                <authorgroup>
-                        <author>
-                                <contrib>Developer</contrib>
-                                <firstname>Lennart</firstname>
-                                <surname>Poettering</surname>
-                                <email>lennart@poettering.net</email>
-                        </author>
-                </authorgroup>
-        </refentryinfo>
-
-        <refmeta>
-                <refentrytitle>daemon</refentrytitle>
-                <manvolnum>7</manvolnum>
-        </refmeta>
-
-        <refnamediv>
-                <refname>daemon</refname>
-                <refpurpose>Writing and packaging system daemons</refpurpose>
-        </refnamediv>
-
-        <refsect1>
-                <title>Description</title>
-
-                <para>A daemon is a service process that runs in the
-                background and supervises the system or provides
-                functionality to other processes. Traditionally,
-                daemons are implemented following a scheme originating
-                in SysV Unix. Modern daemons should follow a simpler
-                yet more powerful scheme (here called "new-style"
-                daemons), as implemented by
-                <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>. This
-                manual page covers both schemes, and in
-                particular includes recommendations for daemons that
-                shall be included in the systemd init system.</para>
-
-                <refsect2>
-                        <title>SysV Daemons</title>
-
-                        <para>When a traditional SysV daemon
-                        starts, it should execute the following steps
-                        as part of the initialization. Note that these
-                        steps are unnecessary for new-style daemons (see below),
-                        and should only be implemented if compatibility
-                        with SysV is essential.</para>
-
-                        <orderedlist>
-                                <listitem><para>Close all open file
-                                descriptors except standard input, output,
-                                and error (i.e. the first three file
-                                descriptors 0, 1, 2). This ensures
-                                that no accidentally passed file
-                                descriptor stays around in the daemon
-                                process. On Linux, this is best
-                                implemented by iterating through
-                                <filename>/proc/self/fd</filename>,
-                                with a fallback of iterating from file
-                                descriptor 3 to the value returned by
-                                <function>getrlimit()</function> for
-                                <constant>RLIMIT_NOFILE</constant>.
-                                </para></listitem>
-
-                                <listitem><para>Reset all signal
-                                handlers to their default. This is
-                                best done by iterating through the
-                                available signals up to the limit of
-                                <constant>_NSIG</constant> and resetting them to
-                                <constant>SIG_DFL</constant>.</para></listitem>
-
-                                <listitem><para>Reset the signal mask
-                                using
-                                <function>sigprocmask()</function>.</para></listitem>
-
-                                <listitem><para>Sanitize the
-                                environment block, removing or
-                                resetting environment variables that
-                                might negatively impact daemon
-                                runtime.</para></listitem>
-
-                                <listitem><para>Call <function>fork()</function>,
-                                to create a background
-                                process.</para></listitem>
-
-                                <listitem><para>In the child, call
-                                <function>setsid()</function> to
-                                detach from any terminal and create an
-                                independent session.</para></listitem>
-
-                                <listitem><para>In the child, call
-                                <function>fork()</function> again, to
-                                ensure that the daemon can never re-acquire
-                                a terminal again.</para></listitem>
-
-                                <listitem><para>Call <function>exit()</function> in the
-                                first child, so that only the second
-                                child (the actual daemon process)
-                                stays around. This ensures that the
-                                daemon process is re-parented to
-                                init/PID 1, as all daemons should
-                                be.</para></listitem>
-
-                                <listitem><para>In the daemon process,
-                                connect <filename>/dev/null</filename>
-                                to standard input, output, and error.
-                                </para></listitem>
-
-                                <listitem><para>In the daemon process,
-                                reset the umask to 0, so that the file
-                                modes passed to <function>open()</function>, <function>mkdir()</function> and
-                                suchlike directly control the access
-                                mode of the created files and
-                                directories.</para></listitem>
-
-                                <listitem><para>In the daemon process,
-                                change the current directory to the
-                                root directory (/), in order to avoid
-                                that the daemon involuntarily
-                                blocks mount points from being
-                                unmounted.</para></listitem>
-
-                                <listitem><para>In the daemon process,
-                                write the daemon PID (as returned by
-                                <function>getpid()</function>) to a
-                                PID file, for example
-                                <filename>/run/foobar.pid</filename>
-                                (for a hypothetical daemon "foobar")
-                                to ensure that the daemon cannot be
-                                started more than once. This must be
-                                implemented in race-free fashion so
-                                that the PID file is only updated when
-                                it is verified at the same time that
-                                the PID previously stored in the PID
-                                file no longer exists or belongs to a
-                                foreign process.</para></listitem>
-
-                                <listitem><para>In the daemon process,
-                                drop privileges, if possible and
-                                applicable.</para></listitem>
-
-                                <listitem><para>From the daemon
-                                process, notify the original process
-                                started that initialization is
-                                complete. This can be implemented via
-                                an unnamed pipe or similar
-                                communication channel that is created
-                                before the first
-                                <function>fork()</function> and hence
-                                available in both the original and the
-                                daemon process.</para></listitem>
-
-                                <listitem><para>Call
-                                <function>exit()</function> in the
-                                original process. The process that
-                                invoked the daemon must be able to
-                                rely on that this
-                                <function>exit()</function> happens
-                                after initialization is complete and
-                                all external communication channels
-                                are established and
-                                accessible.</para></listitem>
-                        </orderedlist>
-
-                        <para>The BSD <function>daemon()</function> function should not be
-                        used, as it implements only a subset of these steps.</para>
-
-                        <para>A daemon that needs to provide
-                        compatibility with SysV systems should
-                        implement the scheme pointed out
-                        above. However, it is recommended to make this
-                        behavior optional and configurable via a
-                        command line argument to ease debugging as
-                        well as to simplify integration into systems
-                        using systemd.</para>
-                </refsect2>
-
-                <refsect2>
-                        <title>New-Style Daemons</title>
-
-                        <para>Modern services for Linux should be
-                        implemented as new-style daemons. This makes it
-                        easier to supervise and control them at
-                        runtime and simplifies their
-                        implementation.</para>
-
-                        <para>For developing a new-style daemon, none
-                        of the initialization steps recommended for
-                        SysV daemons need to be implemented. New-style
-                        init systems such as systemd make all of them
-                        redundant. Moreover, since some of these steps
-                        interfere with process monitoring, file
-                        descriptor passing and other functionality of
-                        the init system, it is recommended not to
-                        execute them when run as new-style
-                        service.</para>
-
-                        <para>Note that new-style init systems
-                        guarantee execution of daemon processes in a
-                        clean process context: it is guaranteed that
-                        the environment block is sanitized, that the
-                        signal handlers and mask is reset and that no
-                        left-over file descriptors are passed. Daemons
-                        will be executed in their own session, with
-                        standard input/output/error connected to
-                        <filename>/dev/null</filename> unless
-                        otherwise configured. The umask is reset.
-                        </para>
-
-                        <para>It is recommended for new-style daemons
-                        to implement the following:</para>
-
-                        <orderedlist>
-                                <listitem><para>If <constant>SIGTERM</constant> is
-                                received, shut down the daemon and
-                                exit cleanly.</para></listitem>
-
-                                <listitem><para>If <constant>SIGHUP</constant> is received,
-                                reload the configuration files, if
-                                this applies.</para></listitem>
-
-                                <listitem><para>Provide a correct exit
-                                code from the main daemon process, as
-                                this is used by the init system to
-                                detect service errors and problems. It
-                                is recommended to follow the exit code
-                                scheme as defined in the <ulink
-                                url="http://refspecs.linuxbase.org/LSB_3.1.1/LSB-Core-generic/LSB-Core-generic/iniscrptact.html">LSB
-                                recommendations for SysV init
-                                scripts</ulink>.</para></listitem>
-
-                                <listitem><para>If possible and
-                                applicable, expose the daemon's control
-                                interface via the D-Bus IPC system and
-                                grab a bus name as last step of
-                                initialization.</para></listitem>
-
-                                <listitem><para>For integration in
-                                systemd, provide a
-                                <filename>.service</filename> unit
-                                file that carries information about
-                                starting, stopping and otherwise
-                                maintaining the daemon. See
-                                <citerefentry><refentrytitle>systemd.service</refentrytitle><manvolnum>5</manvolnum></citerefentry>
-                                for details.</para></listitem>
-
-                                <listitem><para>As much as possible,
-                                rely on the init system's
-                                functionality to limit the access of
-                                the daemon to files, services and
-                                other resources, i.e. in the case of
-                                systemd, rely on systemd's resource
-                                limit control instead of implementing
-                                your own, rely on systemd's privilege
-                                dropping code instead of implementing
-                                it in the daemon, and similar. See
-                                <citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry>
-                                for the available
-                                controls.</para></listitem>
-
-                                <listitem><para>If D-Bus is used, make
-                                your daemon bus-activatable by
-                                supplying a D-Bus service activation
-                                configuration file. This has multiple
-                                advantages: your daemon may be started
-                                lazily on-demand; it may be started in
-                                parallel to other daemons requiring it
-                                -- which maximizes parallelization and
-                                boot-up speed; your daemon can be
-                                restarted on failure without losing
-                                any bus requests, as the bus queues
-                                requests for activatable services. See
-                                below for details.</para></listitem>
-
-                                <listitem><para>If your daemon
-                                provides services to other local
-                                processes or remote clients via a
-                                socket, it should be made
-                                socket-activatable following the
-                                scheme pointed out below. Like D-Bus
-                                activation, this enables on-demand
-                                starting of services as well as it
-                                allows improved parallelization of
-                                service start-up. Also, for state-less
-                                protocols (such as syslog, DNS), a
-                                daemon implementing socket-based
-                                activation can be restarted without
-                                losing a single request. See below for
-                                details.</para></listitem>
-
-                                <listitem><para>If applicable, a daemon
-                                should notify the init system about
-                                startup completion or status updates
-                                via the
-                                <citerefentry><refentrytitle>sd_notify</refentrytitle><manvolnum>3</manvolnum></citerefentry>
-                                interface.</para></listitem>
-
-                                <listitem><para>Instead of using the
-                                <function>syslog()</function> call to
-                                log directly to the system syslog
-                                service, a new-style daemon may choose
-                                to simply log to standard error via
-                                <function>fprintf()</function>, which
-                                is then forwarded to syslog by the
-                                init system. If log levels are
-                                necessary, these can be encoded by
-                                prefixing individual log lines with
-                                strings like <literal>&lt;4&gt;</literal> (for log
-                                level 4 "WARNING" in the syslog
-                                priority scheme), following a similar
-                                style as the Linux kernel's
-                                <function>printk()</function> level
-                                system. For details, see
-                                <citerefentry><refentrytitle>sd-daemon</refentrytitle><manvolnum>3</manvolnum></citerefentry>
-                                and
-                                <citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry>.</para></listitem>
-
-                        </orderedlist>
-
-                        <para>These recommendations are similar but
-                        not identical to the <ulink
-                        url="https://developer.apple.com/library/mac/documentation/MacOSX/Conceptual/BPSystemStartup/Chapters/CreatingLaunchdJobs.html">Apple
-                        MacOS X Daemon Requirements</ulink>.</para>
-                </refsect2>
-
-        </refsect1>
-        <refsect1>
-                <title>Activation</title>
-
-                <para>New-style init systems provide multiple
-                additional mechanisms to activate services, as
-                detailed below. It is common that services are
-                configured to be activated via more than one mechanism
-                at the same time. An example for systemd:
-                <filename>bluetoothd.service</filename> might get
-                activated either when Bluetooth hardware is plugged
-                in, or when an application accesses its programming
-                interfaces via D-Bus. Or, a print server daemon might
-                get activated when traffic arrives at an IPP port, or
-                when a printer is plugged in, or when a file is queued
-                in the printer spool directory. Even for services that
-                are intended to be started on system bootup
-                unconditionally, it is a good idea to implement some of
-                the various activation schemes outlined below, in
-                order to maximize parallelization. If a daemon
-                implements a D-Bus service or listening socket,
-                implementing the full bus and socket activation scheme
-                allows starting of the daemon with its clients in
-                parallel (which speeds up boot-up), since all its
-                communication channels are established already, and no
-                request is lost because client requests will be queued
-                by the bus system (in case of D-Bus) or the kernel (in
-                case of sockets) until the activation is
-                completed.</para>
-
-                <refsect2>
-                        <title>Activation on Boot</title>
-
-                        <para>Old-style daemons are usually activated
-                        exclusively on boot (and manually by the
-                        administrator) via SysV init scripts, as
-                        detailed in the <ulink
-                        url="http://refspecs.linuxbase.org/LSB_3.1.1/LSB-Core-generic/LSB-Core-generic/iniscrptact.html">LSB
-                        Linux Standard Base Core
-                        Specification</ulink>. This method of
-                        activation is supported ubiquitously on Linux
-                        init systems, both old-style and new-style
-                        systems. Among other issues, SysV init scripts
-                        have the disadvantage of involving shell
-                        scripts in the boot process. New-style init
-                        systems generally employ updated versions of
-                        activation, both during boot-up and during
-                        runtime and using more minimal service
-                        description files.</para>
-
-                        <para>In systemd, if the developer or
-                        administrator wants to make sure that a service or
-                        other unit is activated automatically on boot,
-                        it is recommended to place a symlink to the
-                        unit file in the <filename>.wants/</filename>
-                        directory of either
-                        <filename>multi-user.target</filename> or
-                        <filename>graphical.target</filename>, which
-                        are normally used as boot targets at system
-                        startup. See
-                        <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>
-                        for details about the
-                        <filename>.wants/</filename> directories, and
-                        <citerefentry><refentrytitle>systemd.special</refentrytitle><manvolnum>7</manvolnum></citerefentry>
-                        for details about the two boot targets.</para>
-
-                </refsect2>
-
-                <refsect2>
-                        <title>Socket-Based Activation</title>
-
-                        <para>In order to maximize the possible
-                        parallelization and robustness and simplify
-                        configuration and development, it is
-                        recommended for all new-style daemons that
-                        communicate via listening sockets to employ
-                        socket-based activation. In a socket-based
-                        activation scheme, the creation and binding of
-                        the listening socket as primary communication
-                        channel of daemons to local (and sometimes
-                        remote) clients is moved out of the daemon
-                        code and into the init system. Based on
-                        per-daemon configuration, the init system
-                        installs the sockets and then hands them off
-                        to the spawned process as soon as the
-                        respective daemon is to be started.
-                        Optionally, activation of the service can be
-                        delayed until the first inbound traffic
-                        arrives at the socket to implement on-demand
-                        activation of daemons. However, the primary
-                        advantage of this scheme is that all providers
-                        and all consumers of the sockets can be
-                        started in parallel as soon as all sockets
-                        are established. In addition to that, daemons
-                        can be restarted with losing only a minimal
-                        number of client transactions, or even any
-                        client request at all (the latter is
-                        particularly true for state-less protocols,
-                        such as DNS or syslog), because the socket
-                        stays bound and accessible during the restart,
-                        and all requests are queued while the daemon
-                        cannot process them.</para>
-
-                        <para>New-style daemons which support socket
-                        activation must be able to receive their
-                        sockets from the init system instead of
-                        creating and binding them themselves. For
-                        details about the programming interfaces for
-                        this scheme provided by systemd, see
-                        <citerefentry><refentrytitle>sd_listen_fds</refentrytitle><manvolnum>3</manvolnum></citerefentry>
-                        and
-                        <citerefentry><refentrytitle>sd-daemon</refentrytitle><manvolnum>3</manvolnum></citerefentry>. For
-                        details about porting existing daemons to
-                        socket-based activation, see below. With
-                        minimal effort, it is possible to implement
-                        socket-based activation in addition to
-                        traditional internal socket creation in the
-                        same codebase in order to support both
-                        new-style and old-style init systems from the
-                        same daemon binary.</para>
-
-                        <para>systemd implements socket-based
-                        activation via <filename>.socket</filename>
-                        units, which are described in
-                        <citerefentry><refentrytitle>systemd.socket</refentrytitle><manvolnum>5</manvolnum></citerefentry>. When
-                        configuring socket units for socket-based
-                        activation, it is essential that all listening
-                        sockets are pulled in by the special target
-                        unit <filename>sockets.target</filename>. It
-                        is recommended to place a
-                        <varname>WantedBy=sockets.target</varname>
-                        directive in the <literal>[Install]</literal>
-                        section to automatically add such a
-                        dependency on installation of a socket
-                        unit. Unless
-                        <varname>DefaultDependencies=no</varname> is
-                        set, the necessary ordering dependencies are
-                        implicitly created for all socket units. For
-                        more information about
-                        <filename>sockets.target</filename>, see
-                        <citerefentry><refentrytitle>systemd.special</refentrytitle><manvolnum>7</manvolnum></citerefentry>. It
-                        is not necessary or recommended to place any
-                        additional dependencies on socket units (for
-                        example from
-                        <filename>multi-user.target</filename> or
-                        suchlike) when one is installed in
-                        <filename>sockets.target</filename>.</para>
-                </refsect2>
-
-                <refsect2>
-                        <title>Bus-Based Activation</title>
-
-                        <para>When the D-Bus IPC system is used for
-                        communication with clients, new-style daemons
-                        should employ bus activation so that they are
-                        automatically activated when a client
-                        application accesses their IPC
-                        interfaces. This is configured in D-Bus
-                        service files (not to be confused with systemd
-                        service unit files!). To ensure that D-Bus
-                        uses systemd to start-up and maintain the
-                        daemon, use the
-                        <varname>SystemdService=</varname> directive
-                        in these service files to configure the
-                        matching systemd service for a D-Bus
-                        service. e.g.: For a D-Bus service whose D-Bus
-                        activation file is named
-                        <filename>org.freedesktop.RealtimeKit.service</filename>,
-                        make sure to set
-                        <varname>SystemdService=rtkit-daemon.service</varname>
-                        in that file to bind it to the systemd
-                        service
-                        <filename>rtkit-daemon.service</filename>. This
-                        is needed to make sure that the daemon is
-                        started in a race-free fashion when activated
-                        via multiple mechanisms simultaneously.</para>
-                </refsect2>
-
-                <refsect2>
-                        <title>Device-Based Activation</title>
-
-                        <para>Often, daemons that manage a particular
-                        type of hardware should be activated only when
-                        the hardware of the respective kind is plugged
-                        in or otherwise becomes available. In a
-                        new-style init system, it is possible to bind
-                        activation to hardware plug/unplug events. In
-                        systemd, kernel devices appearing in the
-                        sysfs/udev device tree can be exposed as units
-                        if they are tagged with the string
-                        <literal>systemd</literal>. Like any other
-                        kind of unit, they may then pull in other units
-                        when activated (i.e. plugged in) and thus
-                        implement device-based activation. systemd
-                        dependencies may be encoded in the udev
-                        database via the
-                        <varname>SYSTEMD_WANTS=</varname>
-                        property. See
-                        <citerefentry><refentrytitle>systemd.device</refentrytitle><manvolnum>5</manvolnum></citerefentry>
-                        for details. Often, it is nicer to pull in
-                        services from devices only indirectly via
-                        dedicated targets. Example: Instead of pulling
-                        in <filename>bluetoothd.service</filename>
-                        from all the various bluetooth dongles and
-                        other hardware available, pull in
-                        bluetooth.target from them and
-                        <filename>bluetoothd.service</filename> from
-                        that target. This provides for nicer
-                        abstraction and gives administrators the
-                        option to enable
-                        <filename>bluetoothd.service</filename> via
-                        controlling a
-                        <filename>bluetooth.target.wants/</filename>
-                        symlink uniformly with a command like
-                        <command>enable</command> of
-                        <citerefentry><refentrytitle>systemctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>
-                        instead of manipulating the udev
-                        ruleset.</para>
-                </refsect2>
-
-                <refsect2>
-                        <title>Path-Based Activation</title>
-
-                        <para>Often, runtime of daemons processing
-                        spool files or directories (such as a printing
-                        system) can be delayed until these file system
-                        objects change state, or become
-                        non-empty. New-style init systems provide a
-                        way to bind service activation to file system
-                        changes. systemd implements this scheme via
-                        path-based activation configured in
-                        <filename>.path</filename> units, as outlined
-                        in
-                        <citerefentry><refentrytitle>systemd.path</refentrytitle><manvolnum>5</manvolnum></citerefentry>.</para>
-                </refsect2>
-
-                <refsect2>
-                        <title>Timer-Based Activation</title>
-
-                        <para>Some daemons that implement clean-up
-                        jobs that are intended to be executed in
-                        regular intervals benefit from timer-based
-                        activation. In systemd, this is implemented
-                        via <filename>.timer</filename> units, as
-                        described in
-                        <citerefentry><refentrytitle>systemd.timer</refentrytitle><manvolnum>5</manvolnum></citerefentry>.</para>
-                </refsect2>
-
-                <refsect2>
-                        <title>Other Forms of Activation</title>
-
-                        <para>Other forms of activation have been
-                        suggested and implemented in some
-                        systems. However, there are often simpler or
-                        better alternatives, or they can be put
-                        together of combinations of the schemes
-                        above. Example: Sometimes, it appears useful to
-                        start daemons or <filename>.socket</filename>
-                        units when a specific IP address is configured
-                        on a network interface, because network
-                        sockets shall be bound to the
-                        address. However, an alternative to implement
-                        this is by utilizing the Linux <constant>IP_FREEBIND</constant>
-                        socket option, as accessible via
-                        <varname>FreeBind=yes</varname> in systemd
-                        socket files (see
-                        <citerefentry><refentrytitle>systemd.socket</refentrytitle><manvolnum>5</manvolnum></citerefentry>
-                        for details). This option, when enabled,
-                        allows sockets to be bound to a non-local, not
-                        configured IP address, and hence allows
-                        bindings to a particular IP address before it
-                        actually becomes available, making such an
-                        explicit dependency to the configured address
-                        redundant. Another often suggested trigger for
-                        service activation is low system
-                        load. However, here too, a more convincing
-                        approach might be to make proper use of
-                        features of the operating system, in
-                        particular, the CPU or IO scheduler of
-                        Linux. Instead of scheduling jobs from
-                        userspace based on monitoring the OS
-                        scheduler, it is advisable to leave the
-                        scheduling of processes to the OS scheduler
-                        itself. systemd provides fine-grained access
-                        to the CPU and IO schedulers. If a process
-                        executed by the init system shall not
-                        negatively impact the amount of CPU or IO
-                        bandwidth available to other processes, it
-                        should be configured with
-                        <varname>CPUSchedulingPolicy=idle</varname>
-                        and/or
-                        <varname>IOSchedulingClass=idle</varname>. Optionally,
-                        this may be combined with timer-based
-                        activation to schedule background jobs during
-                        runtime and with minimal impact on the system,
-                        and remove it from the boot phase
-                        itself.</para>
-                </refsect2>
-
-        </refsect1>
-        <refsect1>
-                <title>Integration with Systemd</title>
-
-                <refsect2>
-                        <title>Writing Systemd Unit Files</title>
-
-                        <para>When writing systemd unit files, it is
-                        recommended to consider the following
-                        suggestions:</para>
-
-                        <orderedlist>
-                                <listitem><para>If possible, do not use
-                                the <varname>Type=forking</varname>
-                                setting in service files. But if you
-                                do, make sure to set the PID file path
-                                using <varname>PIDFile=</varname>. See
-                                <citerefentry><refentrytitle>systemd.service</refentrytitle><manvolnum>5</manvolnum></citerefentry>
-                                for details.</para></listitem>
-
-                                <listitem><para>If your daemon
-                                registers a D-Bus name on the bus,
-                                make sure to use
-                                <varname>Type=dbus</varname> in the
-                                service file if
-                                possible.</para></listitem>
-
-                                <listitem><para>Make sure to set a
-                                good human-readable description string
-                                with
-                                <varname>Description=</varname>.</para></listitem>
-
-                                <listitem><para>Do not disable
-                                <varname>DefaultDependencies=</varname>,
-                                unless you really know what you do and
-                                your unit is involved in early boot or
-                                late system shutdown.</para></listitem>
-
-                                <listitem><para>Normally, little if
-                                any dependencies should need to
-                                be defined explicitly. However, if you
-                                do configure explicit dependencies, only refer to
-                                unit names listed on
-                                <citerefentry><refentrytitle>systemd.special</refentrytitle><manvolnum>7</manvolnum></citerefentry>
-                                or names introduced by your own
-                                package to keep the unit file
-                                operating
-                                system-independent.</para></listitem>
-
-                                <listitem><para>Make sure to include
-                                an <literal>[Install]</literal>
-                                section including installation
-                                information for the unit file. See
-                                <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>
-                                for details. To activate your service
-                                on boot, make sure to add a
-                                <varname>WantedBy=multi-user.target</varname>
-                                or
-                                <varname>WantedBy=graphical.target</varname>
-                                directive. To activate your socket on
-                                boot, make sure to add
-                                <varname>WantedBy=sockets.target</varname>. Usually,
-                                you also want to make sure that when
-                                your service is installed, your socket
-                                is installed too, hence add
-                                <varname>Also=foo.socket</varname> in
-                                your service file
-                                <filename>foo.service</filename>, for
-                                a hypothetical program
-                                <filename>foo</filename>.</para></listitem>
-
-                        </orderedlist>
-                </refsect2>
-
-                <refsect2>
-                        <title>Installing Systemd Service Files</title>
-
-                        <para>At the build installation time
-                        (e.g. <command>make install</command> during
-                        package build), packages are recommended to
-                        install their systemd unit files in the
-                        directory returned by <command>pkg-config
-                        systemd
-                        --variable=systemdsystemunitdir</command> (for
-                        system services) or <command>pkg-config
-                        systemd
-                        --variable=systemduserunitdir</command>
-                        (for user services). This will make the
-                        services available in the system on explicit
-                        request but not activate them automatically
-                        during boot. Optionally, during package
-                        installation (e.g. <command>rpm -i</command>
-                        by the administrator), symlinks should be
-                        created in the systemd configuration
-                        directories via the <command>enable</command>
-                        command of the
-                        <citerefentry><refentrytitle>systemctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>
-                        tool to activate them automatically on
-                        boot.</para>
-
-                        <para>Packages using
-                        <citerefentry project='die-net'><refentrytitle>autoconf</refentrytitle><manvolnum>1</manvolnum></citerefentry>
-                        are recommended to use a configure script
-                        excerpt like the following to determine the
-                        unit installation path during source
-                        configuration:</para>
-
-                        <programlisting>PKG_PROG_PKG_CONFIG
+  <refentryinfo>
+    <title>daemon</title>
+    <productname>systemd</productname>
+
+    <authorgroup>
+      <author>
+        <contrib>Developer</contrib>
+        <firstname>Lennart</firstname>
+        <surname>Poettering</surname>
+        <email>lennart@poettering.net</email>
+      </author>
+    </authorgroup>
+  </refentryinfo>
+
+  <refmeta>
+    <refentrytitle>daemon</refentrytitle>
+    <manvolnum>7</manvolnum>
+  </refmeta>
+
+  <refnamediv>
+    <refname>daemon</refname>
+    <refpurpose>Writing and packaging system daemons</refpurpose>
+  </refnamediv>
+
+  <refsect1>
+    <title>Description</title>
+
+    <para>A daemon is a service process that runs in the background
+    and supervises the system or provides functionality to other
+    processes. Traditionally, daemons are implemented following a
+    scheme originating in SysV Unix. Modern daemons should follow a
+    simpler yet more powerful scheme (here called "new-style"
+    daemons), as implemented by
+    <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>.
+    This manual page covers both schemes, and in particular includes
+    recommendations for daemons that shall be included in the systemd
+    init system.</para>
+
+    <refsect2>
+      <title>SysV Daemons</title>
+
+      <para>When a traditional SysV daemon starts, it should execute
+      the following steps as part of the initialization. Note that
+      these steps are unnecessary for new-style daemons (see below),
+      and should only be implemented if compatibility with SysV is
+      essential.</para>
+
+      <orderedlist>
+        <listitem><para>Close all open file descriptors except
+        standard input, output, and error (i.e. the first three file
+        descriptors 0, 1, 2). This ensures that no accidentally passed
+        file descriptor stays around in the daemon process. On Linux,
+        this is best implemented by iterating through
+        <filename>/proc/self/fd</filename>, with a fallback of
+        iterating from file descriptor 3 to the value returned by
+        <function>getrlimit()</function> for
+        <constant>RLIMIT_NOFILE</constant>. </para></listitem>
+
+        <listitem><para>Reset all signal handlers to their default.
+        This is best done by iterating through the available signals
+        up to the limit of <constant>_NSIG</constant> and resetting
+        them to <constant>SIG_DFL</constant>.</para></listitem>
+
+        <listitem><para>Reset the signal mask
+        using
+        <function>sigprocmask()</function>.</para></listitem>
+
+        <listitem><para>Sanitize the environment block, removing or
+        resetting environment variables that might negatively impact
+        daemon runtime.</para></listitem>
+
+        <listitem><para>Call <function>fork()</function>, to create a
+        background process.</para></listitem>
+
+        <listitem><para>In the child, call
+        <function>setsid()</function> to detach from any terminal and
+        create an independent session.</para></listitem>
+
+        <listitem><para>In the child, call <function>fork()</function>
+        again, to ensure that the daemon can never re-acquire a
+        terminal again.</para></listitem>
+
+        <listitem><para>Call <function>exit()</function> in the first
+        child, so that only the second child (the actual daemon
+        process) stays around. This ensures that the daemon process is
+        re-parented to init/PID 1, as all daemons should
+        be.</para></listitem>
+
+        <listitem><para>In the daemon process, connect
+        <filename>/dev/null</filename> to standard input, output, and
+        error.</para></listitem>
+
+        <listitem><para>In the daemon process, reset the umask to 0,
+        so that the file modes passed to <function>open()</function>,
+        <function>mkdir()</function> and suchlike directly control the
+        access mode of the created files and
+        directories.</para></listitem>
+
+        <listitem><para>In the daemon process, change the current
+        directory to the root directory (/), in order to avoid that
+        the daemon involuntarily blocks mount points from being
+        unmounted.</para></listitem>
+
+        <listitem><para>In the daemon process, write the daemon PID
+        (as returned by <function>getpid()</function>) to a PID file,
+        for example <filename>/run/foobar.pid</filename> (for a
+        hypothetical daemon "foobar") to ensure that the daemon cannot
+        be started more than once. This must be implemented in
+        race-free fashion so that the PID file is only updated when it
+        is verified at the same time that the PID previously stored in
+        the PID file no longer exists or belongs to a foreign
+        process.</para></listitem>
+
+        <listitem><para>In the daemon process, drop privileges, if
+        possible and applicable.</para></listitem>
+
+        <listitem><para>From the daemon process, notify the original
+        process started that initialization is complete. This can be
+        implemented via an unnamed pipe or similar communication
+        channel that is created before the first
+        <function>fork()</function> and hence available in both the
+        original and the daemon process.</para></listitem>
+
+        <listitem><para>Call <function>exit()</function> in the
+        original process. The process that invoked the daemon must be
+        able to rely on that this <function>exit()</function> happens
+        after initialization is complete and all external
+        communication channels are established and
+        accessible.</para></listitem>
+      </orderedlist>
+
+      <para>The BSD <function>daemon()</function> function should not
+      be used, as it implements only a subset of these steps.</para>
+
+      <para>A daemon that needs to provide compatibility with SysV
+      systems should implement the scheme pointed out above. However,
+      it is recommended to make this behavior optional and
+      configurable via a command line argument to ease debugging as
+      well as to simplify integration into systems using
+      systemd.</para>
+    </refsect2>
+
+    <refsect2>
+      <title>New-Style Daemons</title>
+
+      <para>Modern services for Linux should be implemented as
+      new-style daemons. This makes it easier to supervise and control
+      them at runtime and simplifies their implementation.</para>
+
+      <para>For developing a new-style daemon, none of the
+      initialization steps recommended for SysV daemons need to be
+      implemented. New-style init systems such as systemd make all of
+      them redundant. Moreover, since some of these steps interfere
+      with process monitoring, file descriptor passing and other
+      functionality of the init system, it is recommended not to
+      execute them when run as new-style service.</para>
+
+      <para>Note that new-style init systems guarantee execution of
+      daemon processes in a clean process context: it is guaranteed
+      that the environment block is sanitized, that the signal
+      handlers and mask is reset and that no left-over file
+      descriptors are passed. Daemons will be executed in their own
+      session, with standard input/output/error connected to
+      <filename>/dev/null</filename> unless otherwise configured. The
+      umask is reset.
+      </para>
+
+      <para>It is recommended for new-style daemons to implement the
+      following:</para>
+
+      <orderedlist>
+        <listitem><para>If <constant>SIGTERM</constant> is received,
+        shut down the daemon and exit cleanly.</para></listitem>
+
+        <listitem><para>If <constant>SIGHUP</constant> is received,
+        reload the configuration files, if this
+        applies.</para></listitem>
+
+        <listitem><para>Provide a correct exit code from the main
+        daemon process, as this is used by the init system to detect
+        service errors and problems. It is recommended to follow the
+        exit code scheme as defined in the <ulink
+        url="http://refspecs.linuxbase.org/LSB_3.1.1/LSB-Core-generic/LSB-Core-generic/iniscrptact.html">LSB
+        recommendations for SysV init
+        scripts</ulink>.</para></listitem>
+
+        <listitem><para>If possible and applicable, expose the
+        daemon's control interface via the D-Bus IPC system and grab a
+        bus name as last step of initialization.</para></listitem>
+
+        <listitem><para>For integration in systemd, provide a
+        <filename>.service</filename> unit file that carries
+        information about starting, stopping and otherwise maintaining
+        the daemon. See
+        <citerefentry><refentrytitle>systemd.service</refentrytitle><manvolnum>5</manvolnum></citerefentry>
+        for details.</para></listitem>
+
+        <listitem><para>As much as possible, rely on the init system's
+        functionality to limit the access of the daemon to files,
+        services and other resources, i.e. in the case of systemd,
+        rely on systemd's resource limit control instead of
+        implementing your own, rely on systemd's privilege dropping
+        code instead of implementing it in the daemon, and similar.
+        See
+        <citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry>
+        for the available controls.</para></listitem>
+
+        <listitem><para>If D-Bus is used, make your daemon
+        bus-activatable by supplying a D-Bus service activation
+        configuration file. This has multiple advantages: your daemon
+        may be started lazily on-demand; it may be started in parallel
+        to other daemons requiring it -- which maximizes
+        parallelization and boot-up speed; your daemon can be
+        restarted on failure without losing any bus requests, as the
+        bus queues requests for activatable services. See below for
+        details.</para></listitem>
+
+        <listitem><para>If your daemon provides services to other
+        local processes or remote clients via a socket, it should be
+        made socket-activatable following the scheme pointed out
+        below. Like D-Bus activation, this enables on-demand starting
+        of services as well as it allows improved parallelization of
+        service start-up. Also, for state-less protocols (such as
+        syslog, DNS), a daemon implementing socket-based activation
+        can be restarted without losing a single request. See below
+        for details.</para></listitem>
+
+        <listitem><para>If applicable, a daemon should notify the init
+        system about startup completion or status updates via the
+        <citerefentry><refentrytitle>sd_notify</refentrytitle><manvolnum>3</manvolnum></citerefentry>
+        interface.</para></listitem>
+
+        <listitem><para>Instead of using the
+        <function>syslog()</function> call to log directly to the
+        system syslog service, a new-style daemon may choose to simply
+        log to standard error via <function>fprintf()</function>,
+        which is then forwarded to syslog by the init system. If log
+        levels are necessary, these can be encoded by prefixing
+        individual log lines with strings like
+        <literal>&lt;4&gt;</literal> (for log level 4 "WARNING" in the
+        syslog priority scheme), following a similar style as the
+        Linux kernel's <function>printk()</function> level system. For
+        details, see
+        <citerefentry><refentrytitle>sd-daemon</refentrytitle><manvolnum>3</manvolnum></citerefentry>
+        and
+        <citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry>.</para></listitem>
+
+      </orderedlist>
+
+      <para>These recommendations are similar but not identical to the
+      <ulink
+      url="https://developer.apple.com/library/mac/documentation/MacOSX/Conceptual/BPSystemStartup/Chapters/CreatingLaunchdJobs.html">Apple
+      MacOS X Daemon Requirements</ulink>.</para>
+    </refsect2>
+
+  </refsect1>
+  <refsect1>
+    <title>Activation</title>
+
+    <para>New-style init systems provide multiple additional
+    mechanisms to activate services, as detailed below. It is common
+    that services are configured to be activated via more than one
+    mechanism at the same time. An example for systemd:
+    <filename>bluetoothd.service</filename> might get activated either
+    when Bluetooth hardware is plugged in, or when an application
+    accesses its programming interfaces via D-Bus. Or, a print server
+    daemon might get activated when traffic arrives at an IPP port, or
+    when a printer is plugged in, or when a file is queued in the
+    printer spool directory. Even for services that are intended to be
+    started on system bootup unconditionally, it is a good idea to
+    implement some of the various activation schemes outlined below,
+    in order to maximize parallelization. If a daemon implements a
+    D-Bus service or listening socket, implementing the full bus and
+    socket activation scheme allows starting of the daemon with its
+    clients in parallel (which speeds up boot-up), since all its
+    communication channels are established already, and no request is
+    lost because client requests will be queued by the bus system (in
+    case of D-Bus) or the kernel (in case of sockets) until the
+    activation is completed.</para>
+
+    <refsect2>
+      <title>Activation on Boot</title>
+
+      <para>Old-style daemons are usually activated exclusively on
+      boot (and manually by the administrator) via SysV init scripts,
+      as detailed in the <ulink
+      url="http://refspecs.linuxbase.org/LSB_3.1.1/LSB-Core-generic/LSB-Core-generic/iniscrptact.html">LSB
+      Linux Standard Base Core Specification</ulink>. This method of
+      activation is supported ubiquitously on Linux init systems, both
+      old-style and new-style systems. Among other issues, SysV init
+      scripts have the disadvantage of involving shell scripts in the
+      boot process. New-style init systems generally employ updated
+      versions of activation, both during boot-up and during runtime
+      and using more minimal service description files.</para>
+
+      <para>In systemd, if the developer or administrator wants to
+      make sure that a service or other unit is activated
+      automatically on boot, it is recommended to place a symlink to
+      the unit file in the <filename>.wants/</filename> directory of
+      either <filename>multi-user.target</filename> or
+      <filename>graphical.target</filename>, which are normally used
+      as boot targets at system startup. See
+      <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>
+      for details about the <filename>.wants/</filename> directories,
+      and
+      <citerefentry><refentrytitle>systemd.special</refentrytitle><manvolnum>7</manvolnum></citerefentry>
+      for details about the two boot targets.</para>
+
+    </refsect2>
+
+    <refsect2>
+      <title>Socket-Based Activation</title>
+
+      <para>In order to maximize the possible parallelization and
+      robustness and simplify configuration and development, it is
+      recommended for all new-style daemons that communicate via
+      listening sockets to employ socket-based activation. In a
+      socket-based activation scheme, the creation and binding of the
+      listening socket as primary communication channel of daemons to
+      local (and sometimes remote) clients is moved out of the daemon
+      code and into the init system. Based on per-daemon
+      configuration, the init system installs the sockets and then
+      hands them off to the spawned process as soon as the respective
+      daemon is to be started. Optionally, activation of the service
+      can be delayed until the first inbound traffic arrives at the
+      socket to implement on-demand activation of daemons. However,
+      the primary advantage of this scheme is that all providers and
+      all consumers of the sockets can be started in parallel as soon
+      as all sockets are established. In addition to that, daemons can
+      be restarted with losing only a minimal number of client
+      transactions, or even any client request at all (the latter is
+      particularly true for state-less protocols, such as DNS or
+      syslog), because the socket stays bound and accessible during
+      the restart, and all requests are queued while the daemon cannot
+      process them.</para>
+
+      <para>New-style daemons which support socket activation must be
+      able to receive their sockets from the init system instead of
+      creating and binding them themselves. For details about the
+      programming interfaces for this scheme provided by systemd, see
+      <citerefentry><refentrytitle>sd_listen_fds</refentrytitle><manvolnum>3</manvolnum></citerefentry>
+      and
+      <citerefentry><refentrytitle>sd-daemon</refentrytitle><manvolnum>3</manvolnum></citerefentry>.
+      For details about porting existing daemons to socket-based
+      activation, see below. With minimal effort, it is possible to
+      implement socket-based activation in addition to traditional
+      internal socket creation in the same codebase in order to
+      support both new-style and old-style init systems from the same
+      daemon binary.</para>
+
+      <para>systemd implements socket-based activation via
+      <filename>.socket</filename> units, which are described in
+      <citerefentry><refentrytitle>systemd.socket</refentrytitle><manvolnum>5</manvolnum></citerefentry>.
+      When configuring socket units for socket-based activation, it is
+      essential that all listening sockets are pulled in by the
+      special target unit <filename>sockets.target</filename>. It is
+      recommended to place a
+      <varname>WantedBy=sockets.target</varname> directive in the
+      <literal>[Install]</literal> section to automatically add such a
+      dependency on installation of a socket unit. Unless
+      <varname>DefaultDependencies=no</varname> is set, the necessary
+      ordering dependencies are implicitly created for all socket
+      units. For more information about
+      <filename>sockets.target</filename>, see
+      <citerefentry><refentrytitle>systemd.special</refentrytitle><manvolnum>7</manvolnum></citerefentry>.
+      It is not necessary or recommended to place any additional
+      dependencies on socket units (for example from
+      <filename>multi-user.target</filename> or suchlike) when one is
+      installed in <filename>sockets.target</filename>.</para>
+    </refsect2>
+
+    <refsect2>
+      <title>Bus-Based Activation</title>
+
+      <para>When the D-Bus IPC system is used for communication with
+      clients, new-style daemons should employ bus activation so that
+      they are automatically activated when a client application
+      accesses their IPC interfaces. This is configured in D-Bus
+      service files (not to be confused with systemd service unit
+      files!). To ensure that D-Bus uses systemd to start-up and
+      maintain the daemon, use the <varname>SystemdService=</varname>
+      directive in these service files to configure the matching
+      systemd service for a D-Bus service. e.g.: For a D-Bus service
+      whose D-Bus activation file is named
+      <filename>org.freedesktop.RealtimeKit.service</filename>, make
+      sure to set
+      <varname>SystemdService=rtkit-daemon.service</varname> in that
+      file to bind it to the systemd service
+      <filename>rtkit-daemon.service</filename>. This is needed to
+      make sure that the daemon is started in a race-free fashion when
+      activated via multiple mechanisms simultaneously.</para>
+    </refsect2>
+
+    <refsect2>
+      <title>Device-Based Activation</title>
+
+      <para>Often, daemons that manage a particular type of hardware
+      should be activated only when the hardware of the respective
+      kind is plugged in or otherwise becomes available. In a
+      new-style init system, it is possible to bind activation to
+      hardware plug/unplug events. In systemd, kernel devices
+      appearing in the sysfs/udev device tree can be exposed as units
+      if they are tagged with the string <literal>systemd</literal>.
+      Like any other kind of unit, they may then pull in other units
+      when activated (i.e. plugged in) and thus implement device-based
+      activation. systemd dependencies may be encoded in the udev
+      database via the <varname>SYSTEMD_WANTS=</varname> property. See
+      <citerefentry><refentrytitle>systemd.device</refentrytitle><manvolnum>5</manvolnum></citerefentry>
+      for details. Often, it is nicer to pull in services from devices
+      only indirectly via dedicated targets. Example: Instead of
+      pulling in <filename>bluetoothd.service</filename> from all the
+      various bluetooth dongles and other hardware available, pull in
+      bluetooth.target from them and
+      <filename>bluetoothd.service</filename> from that target. This
+      provides for nicer abstraction and gives administrators the
+      option to enable <filename>bluetoothd.service</filename> via
+      controlling a <filename>bluetooth.target.wants/</filename>
+      symlink uniformly with a command like <command>enable</command>
+      of
+      <citerefentry><refentrytitle>systemctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>
+      instead of manipulating the udev ruleset.</para>
+    </refsect2>
+
+    <refsect2>
+      <title>Path-Based Activation</title>
+
+      <para>Often, runtime of daemons processing spool files or
+      directories (such as a printing system) can be delayed until
+      these file system objects change state, or become non-empty.
+      New-style init systems provide a way to bind service activation
+      to file system changes. systemd implements this scheme via
+      path-based activation configured in <filename>.path</filename>
+      units, as outlined in
+      <citerefentry><refentrytitle>systemd.path</refentrytitle><manvolnum>5</manvolnum></citerefentry>.</para>
+    </refsect2>
+
+    <refsect2>
+      <title>Timer-Based Activation</title>
+
+      <para>Some daemons that implement clean-up jobs that are
+      intended to be executed in regular intervals benefit from
+      timer-based activation. In systemd, this is implemented via
+      <filename>.timer</filename> units, as described in
+      <citerefentry><refentrytitle>systemd.timer</refentrytitle><manvolnum>5</manvolnum></citerefentry>.</para>
+    </refsect2>
+
+    <refsect2>
+      <title>Other Forms of Activation</title>
+
+      <para>Other forms of activation have been suggested and
+      implemented in some systems. However, there are often simpler or
+      better alternatives, or they can be put together of combinations
+      of the schemes above. Example: Sometimes, it appears useful to
+      start daemons or <filename>.socket</filename> units when a
+      specific IP address is configured on a network interface,
+      because network sockets shall be bound to the address. However,
+      an alternative to implement this is by utilizing the Linux
+      <constant>IP_FREEBIND</constant> socket option, as accessible
+      via <varname>FreeBind=yes</varname> in systemd socket files (see
+      <citerefentry><refentrytitle>systemd.socket</refentrytitle><manvolnum>5</manvolnum></citerefentry>
+      for details). This option, when enabled, allows sockets to be
+      bound to a non-local, not configured IP address, and hence
+      allows bindings to a particular IP address before it actually
+      becomes available, making such an explicit dependency to the
+      configured address redundant. Another often suggested trigger
+      for service activation is low system load. However, here too, a
+      more convincing approach might be to make proper use of features
+      of the operating system, in particular, the CPU or IO scheduler
+      of Linux. Instead of scheduling jobs from userspace based on
+      monitoring the OS scheduler, it is advisable to leave the
+      scheduling of processes to the OS scheduler itself. systemd
+      provides fine-grained access to the CPU and IO schedulers. If a
+      process executed by the init system shall not negatively impact
+      the amount of CPU or IO bandwidth available to other processes,
+      it should be configured with
+      <varname>CPUSchedulingPolicy=idle</varname> and/or
+      <varname>IOSchedulingClass=idle</varname>. Optionally, this may
+      be combined with timer-based activation to schedule background
+      jobs during runtime and with minimal impact on the system, and
+      remove it from the boot phase itself.</para>
+    </refsect2>
+
+  </refsect1>
+  <refsect1>
+    <title>Integration with Systemd</title>
+
+    <refsect2>
+      <title>Writing Systemd Unit Files</title>
+
+      <para>When writing systemd unit files, it is recommended to
+      consider the following suggestions:</para>
+
+      <orderedlist>
+        <listitem><para>If possible, do not use the
+        <varname>Type=forking</varname> setting in service files. But
+        if you do, make sure to set the PID file path using
+        <varname>PIDFile=</varname>. See
+        <citerefentry><refentrytitle>systemd.service</refentrytitle><manvolnum>5</manvolnum></citerefentry>
+        for details.</para></listitem>
+
+        <listitem><para>If your daemon registers a D-Bus name on the
+        bus, make sure to use <varname>Type=dbus</varname> in the
+        service file if possible.</para></listitem>
+
+        <listitem><para>Make sure to set a good human-readable
+        description string with
+        <varname>Description=</varname>.</para></listitem>
+
+        <listitem><para>Do not disable
+        <varname>DefaultDependencies=</varname>, unless you really
+        know what you do and your unit is involved in early boot or
+        late system shutdown.</para></listitem>
+
+        <listitem><para>Normally, little if any dependencies should
+        need to be defined explicitly. However, if you do configure
+        explicit dependencies, only refer to unit names listed on
+        <citerefentry><refentrytitle>systemd.special</refentrytitle><manvolnum>7</manvolnum></citerefentry>
+        or names introduced by your own package to keep the unit file
+        operating system-independent.</para></listitem>
+
+        <listitem><para>Make sure to include an
+        <literal>[Install]</literal> section including installation
+        information for the unit file. See
+        <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>
+        for details. To activate your service on boot, make sure to
+        add a <varname>WantedBy=multi-user.target</varname> or
+        <varname>WantedBy=graphical.target</varname> directive. To
+        activate your socket on boot, make sure to add
+        <varname>WantedBy=sockets.target</varname>. Usually, you also
+        want to make sure that when your service is installed, your
+        socket is installed too, hence add
+        <varname>Also=foo.socket</varname> in your service file
+        <filename>foo.service</filename>, for a hypothetical program
+        <filename>foo</filename>.</para></listitem>
+
+      </orderedlist>
+    </refsect2>
+
+    <refsect2>
+      <title>Installing Systemd Service Files</title>
+
+      <para>At the build installation time (e.g. <command>make
+      install</command> during package build), packages are
+      recommended to install their systemd unit files in the directory
+      returned by <command>pkg-config systemd
+      --variable=systemdsystemunitdir</command> (for system services)
+      or <command>pkg-config systemd
+      --variable=systemduserunitdir</command> (for user services).
+      This will make the services available in the system on explicit
+      request but not activate them automatically during boot.
+      Optionally, during package installation (e.g. <command>rpm
+      -i</command> by the administrator), symlinks should be created
+      in the systemd configuration directories via the
+      <command>enable</command> command of the
+      <citerefentry><refentrytitle>systemctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>
+      tool to activate them automatically on boot.</para>
+
+      <para>Packages using
+      <citerefentry project='die-net'><refentrytitle>autoconf</refentrytitle><manvolnum>1</manvolnum></citerefentry>
+      are recommended to use a configure script
+      excerpt like the following to determine the
+      unit installation path during source
+      configuration:</para>
+
+      <programlisting>PKG_PROG_PKG_CONFIG
 AC_ARG_WITH([systemdsystemunitdir],
      [AS_HELP_STRING([--with-systemdsystemunitdir=DIR], [Directory for systemd service files])],,
      [with_systemdsystemunitdir=auto])
@@ -763,60 +595,58 @@ AS_IF([test "x$with_systemdsystemunitdir" = "xyes" -o "x$with_systemdsystemunitd
      def_systemdsystemunitdir=$($PKG_CONFIG --variable=systemdsystemunitdir systemd)
 
      AS_IF([test "x$def_systemdsystemunitdir" = "x"],
-         [AS_IF([test "x$with_systemdsystemunitdir" = "xyes"],
-                [AC_MSG_ERROR([systemd support requested but pkg-config unable to query systemd package])])
-          with_systemdsystemunitdir=no],
-         [with_systemdsystemunitdir="$def_systemdsystemunitdir"])])
+   [AS_IF([test "x$with_systemdsystemunitdir" = "xyes"],
+    [AC_MSG_ERROR([systemd support requested but pkg-config unable to query systemd package])])
+    with_systemdsystemunitdir=no],
+   [with_systemdsystemunitdir="$def_systemdsystemunitdir"])])
 AS_IF([test "x$with_systemdsystemunitdir" != "xno"],
       [AC_SUBST([systemdsystemunitdir], [$with_systemdsystemunitdir])])
 AM_CONDITIONAL([HAVE_SYSTEMD], [test "x$with_systemdsystemunitdir" != "xno"])</programlisting>
 
-                        <para>This snippet allows automatic
-                        installation of the unit files on systemd
-                        machines, and optionally allows their
-                        installation even on machines lacking
-                        systemd. (Modification of this snippet for the
-                        user unit directory is left as an exercise for the
-                        reader.)</para>
+      <para>This snippet allows automatic
+      installation of the unit files on systemd
+      machines, and optionally allows their
+      installation even on machines lacking
+      systemd. (Modification of this snippet for the
+      user unit directory is left as an exercise for the
+      reader.)</para>
 
-                        <para>Additionally, to ensure that
-                        <command>make distcheck</command> continues to
-                        work, it is recommended to add the following
-                        to the top-level <filename>Makefile.am</filename>
-                        file in
-                        <citerefentry project='die-net'><refentrytitle>automake</refentrytitle><manvolnum>1</manvolnum></citerefentry>-based
-                        projects:</para>
+      <para>Additionally, to ensure that
+      <command>make distcheck</command> continues to
+      work, it is recommended to add the following
+      to the top-level <filename>Makefile.am</filename>
+      file in
+      <citerefentry project='die-net'><refentrytitle>automake</refentrytitle><manvolnum>1</manvolnum></citerefentry>-based
+      projects:</para>
 
-                        <programlisting>DISTCHECK_CONFIGURE_FLAGS = \
-        --with-systemdsystemunitdir=$$dc_install_base/$(systemdsystemunitdir)</programlisting>
+      <programlisting>DISTCHECK_CONFIGURE_FLAGS = \
+  --with-systemdsystemunitdir=$$dc_install_base/$(systemdsystemunitdir)</programlisting>
 
-                        <para>Finally, unit files should be installed in the system with an automake excerpt like the following:</para>
+      <para>Finally, unit files should be installed in the system with an automake excerpt like the following:</para>
 
-                        <programlisting>if HAVE_SYSTEMD
+      <programlisting>if HAVE_SYSTEMD
 systemdsystemunit_DATA = \
-        foobar.socket \
-        foobar.service
+  foobar.socket \
+  foobar.service
 endif</programlisting>
 
-                        <para>In the
-                        <citerefentry project='die-net'><refentrytitle>rpm</refentrytitle><manvolnum>8</manvolnum></citerefentry>
-                        <filename>.spec</filename> file, use snippets
-                        like the following to enable/disable the
-                        service during
-                        installation/deinstallation. This makes use of
-                        the RPM macros shipped along systemd. Consult
-                        the packaging guidelines of your distribution
-                        for details and the equivalent for other
-                        package managers.</para>
+      <para>In the
+      <citerefentry project='die-net'><refentrytitle>rpm</refentrytitle><manvolnum>8</manvolnum></citerefentry>
+      <filename>.spec</filename> file, use snippets like the following
+      to enable/disable the service during
+      installation/deinstallation. This makes use of the RPM macros
+      shipped along systemd. Consult the packaging guidelines of your
+      distribution for details and the equivalent for other package
+      managers.</para>
 
-                        <para>At the top of the file:</para>
+      <para>At the top of the file:</para>
 
-                        <programlisting>BuildRequires: systemd
+      <programlisting>BuildRequires: systemd
 %{?systemd_requires}</programlisting>
 
-                        <para>And as scriptlets, further down:</para>
+      <para>And as scriptlets, further down:</para>
 
-                        <programlisting>%post
+      <programlisting>%post
 %systemd_post foobar.service foobar.socket
 
 %preun
@@ -825,133 +655,111 @@ endif</programlisting>
 %postun
 %systemd_postun</programlisting>
 
-                        <para>If the service shall be restarted during
-                        upgrades, replace the
-                        <literal>%postun</literal> scriptlet above
-                        with the following:</para>
+      <para>If the service shall be restarted during upgrades, replace
+      the <literal>%postun</literal> scriptlet above with the
+      following:</para>
 
-                        <programlisting>%postun
+      <programlisting>%postun
 %systemd_postun_with_restart foobar.service</programlisting>
 
-                        <para>Note that
-                        <literal>%systemd_post</literal> and
-                        <literal>%systemd_preun</literal> expect the
-                        names of all units that are installed/removed
-                        as arguments, separated by
-                        spaces. <literal>%systemd_postun</literal>
-                        expects no
-                        arguments. <literal>%systemd_postun_with_restart</literal>
-                        expects the units to restart as
-                        arguments.</para>
-
-                        <para>To facilitate upgrades from a package
-                        version that shipped only SysV init scripts to
-                        a package version that ships both a SysV init
-                        script and a native systemd service file, use
-                        a fragment like the following:</para>
-
-                        <programlisting>%triggerun -- foobar &lt; 0.47.11-1
+      <para>Note that <literal>%systemd_post</literal> and
+      <literal>%systemd_preun</literal> expect the names of all units
+      that are installed/removed as arguments, separated by spaces.
+      <literal>%systemd_postun</literal> expects no arguments.
+      <literal>%systemd_postun_with_restart</literal> expects the
+      units to restart as arguments.</para>
+
+      <para>To facilitate upgrades from a package version that shipped
+      only SysV init scripts to a package version that ships both a
+      SysV init script and a native systemd service file, use a
+      fragment like the following:</para>
+
+      <programlisting>%triggerun -- foobar &lt; 0.47.11-1
 if /sbin/chkconfig --level 5 foobar ; then
-        /bin/systemctl --no-reload enable foobar.service foobar.socket >/dev/null 2>&amp;1 || :
+  /bin/systemctl --no-reload enable foobar.service foobar.socket >/dev/null 2>&amp;1 || :
 fi</programlisting>
 
-                        <para>Where 0.47.11-1 is the first package
-                        version that includes the native unit
-                        file. This fragment will ensure that the first
-                        time the unit file is installed, it will be
-                        enabled if and only if the SysV init script is
-                        enabled, thus making sure that the enable
-                        status is not changed. Note that
-                        <command>chkconfig</command> is a command
-                        specific to Fedora which can be used to check
-                        whether a SysV init script is enabled. Other
-                        operating systems will have to use different
-                        commands here.</para>
-                </refsect2>
-        </refsect1>
-
-        <refsect1>
-                <title>Porting Existing Daemons</title>
-
-                <para>Since new-style init systems such as systemd are
-                compatible with traditional SysV init systems, it is
-                not strictly necessary to port existing daemons to the
-                new style. However, doing so offers additional
-                functionality to the daemons as well as simplifying
-                integration into new-style init systems.</para>
-
-                <para>To port an existing SysV compatible daemon, the
-                following steps are recommended:</para>
-
-                <orderedlist>
-                        <listitem><para>If not already implemented,
-                        add an optional command line switch to the
-                        daemon to disable daemonization. This is
-                        useful not only for using the daemon in
-                        new-style init systems, but also to ease
-                        debugging.</para></listitem>
-
-                        <listitem><para>If the daemon offers
-                        interfaces to other software running on the
-                        local system via local <constant>AF_UNIX</constant> sockets,
-                        consider implementing socket-based activation
-                        (see above). Usually, a minimal patch is
-                        sufficient to implement this: Extend the
-                        socket creation in the daemon code so that
-                        <citerefentry><refentrytitle>sd_listen_fds</refentrytitle><manvolnum>3</manvolnum></citerefentry>
-                        is checked for already passed sockets
-                        first. If sockets are passed (i.e. when
-                        <function>sd_listen_fds()</function> returns a
-                        positive value), skip the socket creation step
-                        and use the passed sockets. Secondly, ensure
-                        that the file system socket nodes for local
-                        <constant>AF_UNIX</constant> sockets used in the socket-based
-                        activation are not removed when the daemon
-                        shuts down, if sockets have been
-                        passed. Third, if the daemon normally closes
-                        all remaining open file descriptors as part of
-                        its initialization, the sockets passed from
-                        the init system must be spared. Since
-                        new-style init systems guarantee that no
-                        left-over file descriptors are passed to
-                        executed processes, it might be a good choice
-                        to simply skip the closing of all remaining
-                        open file descriptors if sockets are
-                        passed.</para></listitem>
-
-                        <listitem><para>Write and install a systemd
-                        unit file for the service (and the sockets if
-                        socket-based activation is used, as well as a
-                        path unit file, if the daemon processes a
-                        spool directory), see above for
-                        details.</para></listitem>
-
-                        <listitem><para>If the daemon exposes
-                        interfaces via D-Bus, write and install a
-                        D-Bus activation file for the service, see
-                        above for details.</para></listitem>
-                </orderedlist>
-        </refsect1>
-
-        <refsect1>
-                <title>Placing Daemon Data</title>
-
-                <para>It is recommended to follow the general
-                guidelines for placing package files, as discussed in
-                <citerefentry><refentrytitle>file-hierarchy</refentrytitle><manvolnum>7</manvolnum></citerefentry>.</para>
-        </refsect1>
-
-        <refsect1>
-                <title>See Also</title>
-                <para>
-                        <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
-                        <citerefentry><refentrytitle>sd-daemon</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
-                        <citerefentry><refentrytitle>sd_listen_fds</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
-                        <citerefentry><refentrytitle>sd_notify</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
-                        <citerefentry><refentrytitle>daemon</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
-                        <citerefentry><refentrytitle>systemd.service</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
-                        <citerefentry><refentrytitle>file-hierarchy</refentrytitle><manvolnum>7</manvolnum></citerefentry>
-                </para>
-        </refsect1>
+      <para>Where 0.47.11-1 is the first package version that includes
+      the native unit file. This fragment will ensure that the first
+      time the unit file is installed, it will be enabled if and only
+      if the SysV init script is enabled, thus making sure that the
+      enable status is not changed. Note that
+      <command>chkconfig</command> is a command specific to Fedora
+      which can be used to check whether a SysV init script is
+      enabled. Other operating systems will have to use different
+      commands here.</para>
+    </refsect2>
+  </refsect1>
+
+  <refsect1>
+    <title>Porting Existing Daemons</title>
+
+    <para>Since new-style init systems such as systemd are compatible
+    with traditional SysV init systems, it is not strictly necessary
+    to port existing daemons to the new style. However, doing so
+    offers additional functionality to the daemons as well as
+    simplifying integration into new-style init systems.</para>
+
+    <para>To port an existing SysV compatible daemon, the following
+    steps are recommended:</para>
+
+    <orderedlist>
+      <listitem><para>If not already implemented, add an optional
+      command line switch to the daemon to disable daemonization. This
+      is useful not only for using the daemon in new-style init
+      systems, but also to ease debugging.</para></listitem>
+
+      <listitem><para>If the daemon offers interfaces to other
+      software running on the local system via local
+      <constant>AF_UNIX</constant> sockets, consider implementing
+      socket-based activation (see above). Usually, a minimal patch is
+      sufficient to implement this: Extend the socket creation in the
+      daemon code so that
+      <citerefentry><refentrytitle>sd_listen_fds</refentrytitle><manvolnum>3</manvolnum></citerefentry>
+      is checked for already passed sockets first. If sockets are
+      passed (i.e. when <function>sd_listen_fds()</function> returns a
+      positive value), skip the socket creation step and use the
+      passed sockets. Secondly, ensure that the file system socket
+      nodes for local <constant>AF_UNIX</constant> sockets used in the
+      socket-based activation are not removed when the daemon shuts
+      down, if sockets have been passed. Third, if the daemon normally
+      closes all remaining open file descriptors as part of its
+      initialization, the sockets passed from the init system must be
+      spared. Since new-style init systems guarantee that no left-over
+      file descriptors are passed to executed processes, it might be a
+      good choice to simply skip the closing of all remaining open
+      file descriptors if sockets are passed.</para></listitem>
+
+      <listitem><para>Write and install a systemd unit file for the
+      service (and the sockets if socket-based activation is used, as
+      well as a path unit file, if the daemon processes a spool
+      directory), see above for details.</para></listitem>
+
+      <listitem><para>If the daemon exposes interfaces via D-Bus,
+      write and install a D-Bus activation file for the service, see
+      above for details.</para></listitem>
+    </orderedlist>
+  </refsect1>
+
+  <refsect1>
+    <title>Placing Daemon Data</title>
+
+    <para>It is recommended to follow the general guidelines for
+    placing package files, as discussed in
+    <citerefentry><refentrytitle>file-hierarchy</refentrytitle><manvolnum>7</manvolnum></citerefentry>.</para>
+  </refsect1>
+
+  <refsect1>
+    <title>See Also</title>
+    <para>
+      <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
+      <citerefentry><refentrytitle>sd-daemon</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
+      <citerefentry><refentrytitle>sd_listen_fds</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
+      <citerefentry><refentrytitle>sd_notify</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
+      <citerefentry><refentrytitle>daemon</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
+      <citerefentry><refentrytitle>systemd.service</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
+      <citerefentry><refentrytitle>file-hierarchy</refentrytitle><manvolnum>7</manvolnum></citerefentry>
+    </para>
+  </refsect1>
 
 </refentry>
index 9d96cff..e9c894f 100644 (file)
@@ -1,6 +1,6 @@
 <?xml version='1.0'?> <!--*-nxml-*-->
 <!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
-        "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
+  "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
 
 <!--
   This file is part of systemd.
 
 <refentry id="file-hierarchy">
 
-        <refentryinfo>
-                <title>file-hierarchy</title>
-                <productname>systemd</productname>
-
-                <authorgroup>
-                        <author>
-                                <contrib>Developer</contrib>
-                                <firstname>Lennart</firstname>
-                                <surname>Poettering</surname>
-                                <email>lennart@poettering.net</email>
-                        </author>
-                </authorgroup>
-        </refentryinfo>
-
-        <refmeta>
-                <refentrytitle>file-hierarchy</refentrytitle>
-                <manvolnum>7</manvolnum>
-        </refmeta>
-
-        <refnamediv>
-                <refname>file-hierarchy</refname>
-                <refpurpose>File system hierarchy overview</refpurpose>
-        </refnamediv>
-
-        <refsect1>
-                <title>Description</title>
-
-                <para>Operating systems using the
-                <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>
-                system and service manager are organized based on a
-                file system hierarchy inspired by UNIX, more
-                specifically the hierarchy described in the <ulink
-                url="http://refspecs.linuxfoundation.org/FHS_2.3/fhs-2.3.html">File
-                System Hierarchy</ulink> specification and
-                <citerefentry project='man-pages'><refentrytitle>hier</refentrytitle><manvolnum>7</manvolnum></citerefentry>. This
-                manual page describes a more minimal, modernized
-                subset of these specifications that defines more
-                strictly the suggestions and restrictions systemd
-                makes on the file system hierarchy.</para>
-
-                <para>Many of the paths described here are queriable
-                with the
-                <citerefentry><refentrytitle>systemd-path</refentrytitle><manvolnum>1</manvolnum></citerefentry>
-                tool.</para>
-        </refsect1>
-
-        <refsect1>
-                <title>General Structure</title>
-
-                <variablelist>
-                        <varlistentry>
-                                <term><filename>/</filename></term>
-                                <listitem><para>The file system
-                                root. Usually writable, but this is
-                                not required. Possibly a temporary
-                                file system (<literal>tmpfs</literal>). Not shared with
-                                other hosts (unless read-only).
-                                </para></listitem>
-                        </varlistentry>
-
-                        <varlistentry>
-                                <term><filename>/boot</filename></term>
-                                <listitem><para>The boot partition
-                                used for bringing up the system. On
-                                EFI systems this is possibly the EFI
-                                System Partition, also see
-                                <citerefentry><refentrytitle>systemd-efi-boot-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry>. This
-                                directory is usually strictly local
-                                to the host, and should be considered
-                                read-only, except when a new kernel or
-                                boot loader is installed. This
-                                directory only exists on systems that
-                                run on physical or emulated hardware
-                                that requires boot
-                                loaders.</para></listitem>
-                        </varlistentry>
-
-                        <varlistentry>
-                                <term><filename>/etc</filename></term>
-                                <listitem><para>System-specific
-                                configuration. This directory may or
-                                may not be read-only. Frequently, this
-                                directory is pre-populated with
-                                vendor-supplied configuration files,
-                                but applications should not make
-                                assumptions about this directory
-                                being fully populated or populated at
-                                all, and should fall back to defaults
-                                if configuration is missing.</para></listitem>
-                        </varlistentry>
-
-                        <varlistentry>
-                                <term><filename>/home</filename></term>
-                                <listitem><para>The location for
-                                normal user's home
-                                directories. Possibly shared with
-                                other systems, and never
-                                read-only. This directory should only
-                                be used for normal users, never for
-                                system users. This directory and
-                                possibly the directories contained
-                                within it might only become available
-                                or writable in late boot or even only
-                                after user authentication. This directory
-                                might be placed on limited-functionality
-                                network file systems, hence
-                                applications should not assume the
-                                full set of file API is available on
-                                this directory. Applications should
-                                generally not reference this directory
-                                directly, but via the per-user
-                                <varname>$HOME</varname> environment
-                                variable, or via the home directory
-                                field of the user
-                                database.</para></listitem>
-                        </varlistentry>
-
-                        <varlistentry>
-                                <term><filename>/root</filename></term>
-                                <listitem><para>The home directory of
-                                the root user. The root user's home
-                                directory is located outside of
-                                <filename>/home</filename> in order to
-                                make sure the root user may log in
-                                even without <filename>/home</filename>
-                                being available and
-                                mounted.</para></listitem>
-                        </varlistentry>
-
-                        <varlistentry>
-                                <term><filename>/srv</filename></term>
-                                <listitem><para>The place to store
-                                general server payload, managed by the
-                                administrator. No restrictions are
-                                made how this directory is organized
-                                internally. Generally writable, and
-                                possibly shared among systems. This
-                                directory might become available or
-                                writable only very late during
-                                boot.</para></listitem>
-                        </varlistentry>
-
-                        <varlistentry>
-                                <term><filename>/tmp</filename></term>
-                                <listitem><para>The place for small
-                                temporary files. This directory is
-                                usually mounted as
-                                a <literal>tmpfs</literal> instance, and
-                                should hence not be used for larger
-                                files. (Use
-                                <filename>/var/tmp</filename> for
-                                larger files.) Since the directory is
-                                accessible to other users of the
-                                system it is essential that this
-                                directory is only written to with the
-                                <citerefentry project='man-pages'><refentrytitle>mkstemp</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
-                                <citerefentry project='man-pages'><refentrytitle>mkdtemp</refentrytitle><manvolnum>3</manvolnum></citerefentry>
-                                and related calls. This directory is
-                                usually flushed at boot-up. Also,
-                                files that are not accessed within a
-                                certain time are usually automatically
-                                deleted. If applications find the
-                                environment variable
-                                <varname>$TMPDIR</varname> set they
-                                should prefer using the directory
-                                specified in it over directly
-                                referencing
-                                <filename>/tmp</filename> (see <citerefentry project='man-pages'><refentrytitle>environ</refentrytitle><manvolnum>7</manvolnum></citerefentry>
-                                and
-                                <ulink url="http://pubs.opengroup.org/onlinepubs/9699919799/basedefs/V1_chap08.html#tag_08_03">IEEE Std 1003.1</ulink> for details).</para></listitem>
-                        </varlistentry>
-
-                </variablelist>
-        </refsect1>
-
-        <refsect1>
-                <title>Runtime Data</title>
-
-                <variablelist>
-                        <varlistentry>
-                                <term><filename>/run</filename></term>
-                                <listitem><para>A
-                                <literal>tmpfs</literal> file system
-                                for system packages to place runtime
-                                data in. This directory is flushed on
-                                boot, and generally writable for
-                                privileged programs
-                                only. Always writable.</para></listitem>
-                        </varlistentry>
-
-                        <varlistentry>
-                                <term><filename>/run/log</filename></term>
-                                <listitem><para>Runtime system
-                                logs. System components may place
-                                private logs in this directory. Always
-                                writable, even when
-                                <filename>/var/log</filename> might
-                                not be accessible
-                                yet.</para></listitem>
-                        </varlistentry>
-
-                        <varlistentry>
-                                <term><filename>/run/user</filename></term>
-                                <listitem><para>Contains per-user
-                                runtime directories, each usually
-                                individually mounted
-                                <literal>tmpfs</literal>
-                                instances. Always writable, flushed at
-                                each reboot and when the user logs
-                                out. User code should not reference
-                                this directory directly, but via the
-                                <varname>$XDG_RUNTIME_DIR</varname>
-                                environment variable, as documented in
-                                the <ulink
-                                url="http://standards.freedesktop.org/basedir-spec/basedir-spec-latest.html">XDG
-                                Base Directory
-                                Specification</ulink>.</para></listitem>
-                        </varlistentry>
-                </variablelist>
-        </refsect1>
-
-        <refsect1>
-                <title>Vendor-supplied Operating System Resources</title>
-
-                <variablelist>
-
-                        <varlistentry>
-                                <term><filename>/usr</filename></term>
-                                <listitem><para>Vendor-supplied
-                                operating system resources. Usually
-                                read-only, but this is not
-                                required. Possibly shared between
-                                multiple hosts. This directory should
-                                not be modified by the administrator,
-                                except when installing or removing
-                                vendor-supplied
-                                packages.</para></listitem>
-                        </varlistentry>
-
-                        <varlistentry>
-                                <term><filename>/usr/bin</filename></term>
-                                <listitem><para>Binaries and
-                                executables for user commands, that
-                                shall appear in the
-                                <varname>$PATH</varname> search
-                                path. It is recommended not to place
-                                binaries in this directory that are
-                                not useful for invocation from a shell
-                                (such as daemon binaries); these
-                                should be placed in a subdirectory of
-                                <filename>/usr/lib</filename>
-                                instead.</para></listitem>
-                        </varlistentry>
-
-                        <varlistentry>
-                                <term><filename>/usr/include</filename></term>
-                                <listitem><para>C and C++ API header
-                                files of system
-                                libraries.</para></listitem>
-                        </varlistentry>
-
-                        <varlistentry>
-                                <term><filename>/usr/lib</filename></term>
-                                <listitem><para>Static, private vendor
-                                data that is compatible with all
-                                architectures (though not necessarily
-                                architecture-independent). Note that
-                                this includes internal executables or
-                                other binaries that are not regularly
-                                invoked from a shell. Such binaries
-                                may be for any architecture supported
-                                by the system. Do not place public
-                                libraries in this directory, use
-                                <varname>$libdir</varname> (see
-                                below), instead.</para></listitem>
-                        </varlistentry>
-
-                        <varlistentry>
-                                <term><filename>/usr/lib/<replaceable>arch-id</replaceable></filename></term>
-                                <listitem><para>Location for placing
-                                dynamic libraries, also called <varname>$libdir</varname>.
-                                The architecture identifier to use is defined on <ulink
-                                url="https://wiki.debian.org/Multiarch/Tuples">Multiarch Architecture Specifiers (Tuples)</ulink>
-                                list. Legacy locations of <varname>$libdir</varname> are
-                                <filename>/usr/lib</filename>,
-                                <filename>/usr/lib64</filename>.
-                                This directory should not
-                                be used for package-specific data,
-                                unless this data is
-                                architecture-dependent, too. To query
-                                <varname>$libdir</varname> for the
-                                primary architecture of the system,
-                                invoke:
-                                <programlisting># pkg-config --variable=libdir systemd</programlisting> or
-                                <programlisting># systemd-path system-library-arch</programlisting>
-                                </para></listitem>
-
-                        </varlistentry>
-
-                        <varlistentry>
-                                <term><filename>/usr/share</filename></term>
-                                <listitem><para>Resources shared
-                                between multiple packages, such as
-                                documentation, man pages, time zone
-                                information, fonts and other
-                                resources. Usually, the precise
-                                location and format of files stored
-                                below this directory is subject to
-                                specifications that ensure
-                                interoperability.</para></listitem>
-                        </varlistentry>
-
-                        <varlistentry>
-                                <term><filename>/usr/share/doc</filename></term>
-                                <listitem><para>Documentation for the
-                                operating system or system
-                                packages.</para></listitem>
-                        </varlistentry>
-
-                        <varlistentry>
-                                <term><filename>/usr/share/factory/etc</filename></term>
-                                <listitem><para>Repository for
-                                vendor-supplied default configuration
-                                files. This directory should be
-                                populated with pristine vendor versions
-                                of all configuration files that may be
-                                placed in
-                                <filename>/etc</filename>. This is
-                                useful to compare the local
-                                configuration of a system with vendor
-                                defaults and to populate the local
-                                configuration with
-                                defaults.</para></listitem>
-                        </varlistentry>
-
-                        <varlistentry>
-                                <term><filename>/usr/share/factory/var</filename></term>
-
-                                <listitem><para>Similar to
-                                <filename>/usr/share/factory/etc</filename>
-                                but for vendor versions of files in
-                                the variable, persistent data
-                                directory
-                                <filename>/var</filename>.</para></listitem>
-
-                        </varlistentry>
-                </variablelist>
-        </refsect1>
-
-        <refsect1>
-                <title>Persistent Variable System Data</title>
-
-                <variablelist>
-                        <varlistentry>
-                                <term><filename>/var</filename></term>
-                                <listitem><para>Persistent, variable
-                                system data. Must be writable. This
-                                directory might be pre-populated with
-                                vendor-supplied data, but applications
-                                should be able to reconstruct
-                                necessary files and directories in
-                                this subhierarchy should they be
-                                missing, as the system might start up
-                                without this directory being
-                                populated. Persistency is recommended,
-                                but optional, to support ephemeral
-                                systems. This directory might become
-                                available or writable only very late
-                                during boot. Components that are
-                                required to operate during early boot
-                                hence shall not unconditionally rely
-                                on this directory.</para></listitem>
-                        </varlistentry>
-
-                        <varlistentry>
-                                <term><filename>/var/cache</filename></term>
-                                <listitem><para>Persistent system
-                                cache data. System components may
-                                place non-essential data in this
-                                directory. Flushing this directory
-                                should have no effect on operation of
-                                programs, except for increased
-                                runtimes necessary to rebuild these
-                                caches.</para></listitem>
-                        </varlistentry>
-
-                        <varlistentry>
-                                <term><filename>/var/lib</filename></term>
-                                <listitem><para>Persistent system
-                                data. System components may
-                                place private data in this
-                                directory.</para></listitem>
-                        </varlistentry>
-
-                        <varlistentry>
-                                <term><filename>/var/log</filename></term>
-                                <listitem><para>Persistent system
-                                logs. System components may place
-                                private logs in this directory, though
-                                it is recommended to do most logging
-                                via the
-                                <citerefentry project='man-pages'><refentrytitle>syslog</refentrytitle><manvolnum>3</manvolnum></citerefentry>
-                                and
-                                <citerefentry><refentrytitle>sd_journal_print</refentrytitle><manvolnum>3</manvolnum></citerefentry>
-                                calls.</para></listitem>
-                        </varlistentry>
-
-                        <varlistentry>
-                                <term><filename>/var/spool</filename></term>
-                                <listitem><para>Persistent system
-                                spool data, such as printer or mail
-                                queues.</para></listitem>
-                        </varlistentry>
-
-                        <varlistentry>
-                                <term><filename>/var/tmp</filename></term>
-                                <listitem><para>The place for larger
-                                and persistent temporary files. In
-                                contrast to <filename>/tmp</filename>
-                                this directory is usually mounted from
-                                a persistent physical file system and
-                                can thus accept larger files. (Use
-                                <filename>/tmp</filename> for smaller
-                                files.) This directory is generally
-                                not flushed at boot-up, but time-based
-                                cleanup of files that have not been
-                                accessed for a certain time is
-                                applied. The same security
-                                restrictions as with
-                                <filename>/tmp</filename> apply, and
-                                hence only
-                                <citerefentry project='man-pages'><refentrytitle>mkstemp</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
-                                <citerefentry project='man-pages'><refentrytitle>mkdtemp</refentrytitle><manvolnum>3</manvolnum></citerefentry>
-                                or similar calls should be used to
-                                make use of this directory. If
-                                applications find the environment
-                                variable <varname>$TMPDIR</varname>
-                                set they should prefer using the
-                                directory specified in it over
-                                directly referencing
-                                <filename>/var/tmp</filename> (see <citerefentry project='man-pages'><refentrytitle>environ</refentrytitle><manvolnum>7</manvolnum></citerefentry>
-                                for details).
-                                </para></listitem>
-                        </varlistentry>
-
-                </variablelist>
-        </refsect1>
-
-        <refsect1>
-                <title>Virtual Kernel and API File Systems</title>
-
-                <variablelist>
-                        <varlistentry>
-                                <term><filename>/dev</filename></term>
-                                <listitem><para>The root directory for
-                                device nodes. Usually this directory
-                                is mounted as a
-                                <literal>devtmpfs</literal> instance,
-                                but might be of a different type in
-                                sandboxed/containerized setups. This
-                                directory is managed jointly by the
-                                kernel and
-                                <citerefentry><refentrytitle>systemd-udevd</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
-                                and should not be written to by other
-                                components. A number of special
-                                purpose virtual file systems might be
-                                mounted below this
-                                directory.</para></listitem>
-                        </varlistentry>
-
-                        <varlistentry>
-                                <term><filename>/dev/shm</filename></term>
-                                <listitem><para>Place for POSIX shared
-                                memory segments, as created via
-                                <citerefentry><refentrytitle>shm_open</refentrytitle><manvolnum>3</manvolnum></citerefentry>. This
-                                directory is flushed on boot, and is a
-                                <literal>tmpfs</literal> file
-                                system. Since all users have write
-                                access to this directory, special care
-                                should be taken to avoid name clashes
-                                and vulnerabilities. For normal users,
-                                shared memory segments in this
-                                directory are usually deleted when the
-                                user logs out. Usually it is a better
-                                idea to use memory mapped files in
-                                <filename>/run</filename> (for system
-                                programs) or
-                                <varname>$XDG_RUNTIME_DIR</varname>
-                                (for user programs) instead of POSIX
-                                shared memory segments, since those
-                                directories are not world-writable and
-                                hence not vulnerable to
-                                security-sensitive name
-                                clashes.</para></listitem>
-                        </varlistentry>
-
-                        <varlistentry>
-                                <term><filename>/proc</filename></term>
-                                <listitem><para>A virtual kernel file
-                                system exposing the process list and
-                                other functionality. This file system
-                                is mostly an API to interface with the
-                                kernel and not a place where normal
-                                files may be stored. For details, see
-                                <citerefentry project='man-pages'><refentrytitle>proc</refentrytitle><manvolnum>5</manvolnum></citerefentry>. A
-                                number of special purpose virtual file
-                                systems might be mounted below this
-                                directory.</para></listitem>
-                        </varlistentry>
-
-                        <varlistentry>
-                                <term><filename>/proc/sys</filename></term>
-                                <listitem><para>A hierarchy below
-                                <filename>/proc</filename> that
-                                exposes a number of kernel
-                                tunables. The primary way to configure
-                                the settings in this API file tree is
-                                via
-                                <citerefentry><refentrytitle>sysctl.d</refentrytitle><manvolnum>5</manvolnum></citerefentry>
-                                files. In sandboxed/containerized
-                                setups this directory is generally
-                                mounted read-only.</para></listitem>
-                        </varlistentry>
-
-                        <varlistentry>
-                                <term><filename>/sys</filename></term>
-                                <listitem><para>A virtual kernel file
-                                system exposing discovered devices and
-                                other functionality. This file system
-                                is mostly an API to interface with the
-                                kernel and not a place where normal
-                                files may be stored. In
-                                sandboxed/containerized setups this
-                                directory is generally mounted
-                                read-only. A number of special purpose
-                                virtual file systems might be mounted
-                                below this
-                                directory.</para></listitem>
-                        </varlistentry>
-
-
-                </variablelist>
-        </refsect1>
-
-        <refsect1>
-                <title>Compatibility Symlinks</title>
-
-                <variablelist>
-                        <varlistentry>
-                                <term><filename>/bin</filename></term>
-                                <term><filename>/sbin</filename></term>
-                                <term><filename>/usr/sbin</filename></term>
-
-                                <listitem><para>These compatibility
-                                symlinks point to
-                                <filename>/usr/bin</filename>,
-                                ensuring that scripts and binaries
-                                referencing these legacy paths
-                                correctly find their binaries.</para></listitem>
-                        </varlistentry>
-
-                        <varlistentry>
-                                <term><filename>/lib</filename></term>
-
-                                <listitem><para>This compatibility
-                                symlink points to
-                                <filename>/usr/lib</filename>,
-                                ensuring that programs referencing
-                                this legacy path correctly find
-                                their resources.</para></listitem>
-                        </varlistentry>
-
-                        <varlistentry>
-                                <term><filename>/lib64</filename></term>
-
-                                <listitem><para>On some architecture
-                                ABIs this compatibility symlink points
-                                to <varname>$libdir</varname>,
-                                ensuring that binaries referencing
-                                this legacy path correctly find their
-                                dynamic loader. This symlink only
-                                exists on architectures whose ABI
-                                places the dynamic loader in this
-                                path.</para></listitem>
-                        </varlistentry>
-
-                        <varlistentry>
-                                <term><filename>/var/run</filename></term>
-
-                                <listitem><para>This compatibility
-                                symlink points to
-                                <filename>/run</filename>, ensuring
-                                that programs referencing this legacy
-                                path correctly find their runtime
-                                data.</para></listitem>
-                        </varlistentry>
-
-                </variablelist>
-        </refsect1>
-
-        <refsect1>
-                <title>Home Directory</title>
-
-                <para>User applications may want to place files and
-                directories in the user's home directory. They should
-                follow the following basic structure. Note that some
-                of these directories are also standardized (though
-                more weakly) by the <ulink
-                url="http://standards.freedesktop.org/basedir-spec/basedir-spec-latest.html">XDG
-                Base Directory Specification</ulink>. Additional
-                locations for high-level user resources are defined by
-                <ulink
-                url="http://www.freedesktop.org/wiki/Software/xdg-user-dirs/">xdg-user-dirs</ulink>.</para>
-
-                <variablelist>
-                        <varlistentry>
-                                <term><filename>~/.cache</filename></term>
-
-                                <listitem><para>Persistent user cache
-                                data. User programs may place
-                                non-essential data in this
-                                directory. Flushing this directory
-                                should have no effect on operation of
-                                programs, except for increased
-                                runtimes necessary to rebuild these
-                                caches. If an application finds
-                                <varname>$XDG_CACHE_HOME</varname> set
-                                is should use the directory specified
-                                in it instead of this
-                                directory.</para></listitem>
-                        </varlistentry>
-
-                        <varlistentry>
-                                <term><filename>~/.config</filename></term>
-
-                                <listitem><para>Application
-                                configuration and state. When a new
-                                user is created this directory will be
-                                empty or not exist at
-                                all. Applications should fall back to
-                                defaults should their configuration or
-                                state in this directory be missing. If
-                                an application finds
-                                <varname>$XDG_CONFIG_HOME</varname> set
-                                is should use the directory specified
-                                in it instead of this
-                                directory.</para></listitem>
-                        </varlistentry>
-
-                        <varlistentry>
-                                <term><filename>~/.local/bin</filename></term>
-
-                                <listitem><para>Executables that shall
-                                appear in the user's
-                                <varname>$PATH</varname> search
-                                path. It is recommended not to place
-                                executables in this directory that are
-                                not useful for invocation from a
-                                shell; these should be placed in a
-                                subdirectory of
-                                <filename>~/.local/lib</filename>
-                                instead. Care should be taken when
-                                placing architecture-dependent
-                                binaries in this place which might be
-                                problematic if the home directory is
-                                shared between multiple hosts with
-                                different
-                                architectures.</para></listitem>
-                        </varlistentry>
-
-                        <varlistentry>
-                                <term><filename>~/.local/lib</filename></term>
-
-                                <listitem><para>Static, private vendor
-                                data that is compatible with all
-                                architectures.</para></listitem>
-                        </varlistentry>
-
-                        <varlistentry>
-                                <term><filename>~/.local/lib/<replaceable>arch-id</replaceable></filename></term>
-
-                                <listitem><para>Location for placing
-                                public dynamic libraries. The architecture
-                                identifier to use, is defined on <ulink
-                                url="https://wiki.debian.org/Multiarch/Tuples">Multiarch Architecture Specifiers (Tuples)</ulink>
-                                list.</para></listitem>
-                        </varlistentry>
-
-                        <varlistentry>
-                                <term><filename>~/.local/share</filename></term>
-
-                                <listitem><para>Resources shared
-                                between multiple packages, such as
-                                fonts or artwork. Usually, the precise
-                                location and format of files stored
-                                below this directory is subject to
-                                specifications that ensure
-                                interoperability. If
-                                an application finds
-                                <varname>$XDG_DATA_HOME</varname> set
-                                is should use the directory specified
-                                in it instead of this
-                                directory.</para></listitem>
-                        </varlistentry>
-
-                </variablelist>
-        </refsect1>
-
-
-        <refsect1>
-                <title>Unprivileged Write Access</title>
-
-                <para>Unprivileged processes generally lack
-                write access to most of the hierarchy.</para>
-
-                <para>The exceptions for normal users are
-                <filename>/tmp</filename>,
-                <filename>/var/tmp</filename>,
-                <filename>/dev/shm</filename>, as well as the home
-                directory <varname>$HOME</varname> (usually found
-                below <filename>/home</filename>) and the runtime
-                directory <varname>$XDG_RUNTIME_DIR</varname> (found
-                below <filename>/run/user</filename>) of the
-                user, which are all writable.</para>
-
-                <para>For unprivileged system processes only
-                <filename>/tmp</filename>,
-                <filename>/var/tmp</filename> and
-                <filename>/dev/shm</filename> are writable. If an
-                unprivileged system process needs a private, writable
-                directory in <filename>/var</filename> or
-                <filename>/run</filename>, it is recommended to either
-                create it before dropping privileges in the daemon
-                code, to create it via
-                <citerefentry><refentrytitle>tmpfiles.d</refentrytitle><manvolnum>5</manvolnum></citerefentry>
-                fragments during boot, or via the
-                <varname>RuntimeDirectory=</varname> directive of
-                service units (see
-                <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>
-                for details).</para>
-        </refsect1>
-
-        <refsect1>
-                <title>Node Types</title>
-
-                <para>Unix file systems support different types of file
-                nodes, including regular files, directories, symlinks,
-                character and block device nodes, sockets and FIFOs.</para>
-
-                <para>It is strongly recommended that
-                <filename>/dev</filename> is the only location below
-                which device nodes shall be placed. Similar,
-                <filename>/run</filename> shall be the only location
-                to place sockets and FIFOs. Regular files,
-                directories and symlinks may be used in all
-                directories.</para>
-        </refsect1>
-
-        <refsect1>
-                <title>System Packages</title>
-
-                <para>Developers of system packages should follow
-                strict rules when placing their own files in the file
-                system. The following table lists recommended
-                locations for specific types of files supplied by the
-                vendor.</para>
-
-                <table>
-                  <title>System Package Vendor Files Locations</title>
-                  <tgroup cols='2' align='left' colsep='1' rowsep='1'>
-                    <colspec colname="directory" />
-                    <colspec colname="purpose" />
-                    <thead>
-                      <row>
-                        <entry>Directory</entry>
-                        <entry>Purpose</entry>
-                      </row>
-                    </thead>
-                    <tbody>
-                      <row>
-                        <entry><filename>/usr/bin</filename></entry>
-                        <entry>Package executables that shall appear in the <varname>$PATH</varname> executable search path, compiled for any of the supported architectures compatible with the operating system. It is not recommended to place internal binaries or binaries that are not commonly invoked from the shell in this directory, such as daemon binaries. As this directory is shared with most other packages of the system special care should be taken to pick unique names for files placed here, that are unlikely to clash with other package's files.</entry>
-                      </row>
-                      <row>
-                        <entry><filename>/usr/lib/<replaceable>arch-id</replaceable></filename></entry>
-                        <entry>Public shared libraries of the package. As above, be careful with using too generic names, and pick unique names for your libraries to place here to avoid name clashes.</entry>
-                      </row>
-                      <row>
-                        <entry><filename>/usr/lib/<replaceable>package</replaceable></filename></entry>
-                        <entry>Private, static vendor resources of the package, including private binaries and libraries, or any other kind of read-only vendor data.</entry>
-                      </row>
-                      <row>
-                        <entry><filename>/usr/lib/<replaceable>arch-id</replaceable>/<replaceable>package</replaceable></filename></entry>
-                        <entry>Private other vendor resources of the package that are architecture-specific and cannot be shared between architectures. Note that this generally does not include private executables since binaries of a specific architecture may be freely invoked from any other supported system architecture.</entry>
-                      </row>
-                      <row>
-                        <entry><filename>/usr/include/<replaceable>package</replaceable></filename></entry>
-                        <entry>Public C/C++ APIs of public shared libraries of the package.</entry>
-                      </row>
-                    </tbody>
-                  </tgroup>
-                </table>
-
-                <para>Additional static vendor files may be installed
-                in the <filename>/usr/share</filename> hierarchy, to
-                the locations defined by the various relevant
-                specifications.</para>
-
-                <para>During runtime and for local configuration and
-                state additional directories are defined:</para>
-
-                <table>
-                  <title>System Package Variable Files Locations</title>
-                  <tgroup cols='2' align='left' colsep='1' rowsep='1'>
-                    <colspec colname="directory" />
-                    <colspec colname="purpose" />
-                    <thead>
-                      <row>
-                        <entry>Directory</entry>
-                        <entry>Purpose</entry>
-                      </row>
-                    </thead>
-                    <tbody>
-                      <row>
-                        <entry><filename>/etc/<replaceable>package</replaceable></filename></entry>
-                        <entry>System-specific configuration for the package. It is recommended to default to safe fallbacks if this configuration is missing, if this is possible. Alternatively, a <citerefentry><refentrytitle>tmpfiles.d</refentrytitle><manvolnum>5</manvolnum></citerefentry> fragment may be used to copy or symlink the necessary files and directories from <filename>/usr/share/factory</filename> during boot, via the <literal>L</literal> or <literal>C</literal> directives.</entry>
-                      </row>
-                      <row>
-                        <entry><filename>/run/<replaceable>package</replaceable></filename></entry>
-                        <entry>Runtime data for the package. Packages must be able to create the necessary subdirectories in this tree on their own, since the directory is flushed automatically on boot. Alternatively, a <citerefentry><refentrytitle>tmpfiles.d</refentrytitle><manvolnum>5</manvolnum></citerefentry> fragment may be used to create the necessary directories during boot. Alternatively, the <varname>RuntimeDirectory=</varname> directive of service units may be used (see <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry> for details.)</entry>
-                      </row>
-                      <row>
-                        <entry><filename>/run/log/<replaceable>package</replaceable></filename></entry>
-                        <entry>Runtime log data for the package. As above, the package needs to make sure to create this directory if necessary, as it will be flushed on every boot.</entry>
-                      </row>
-                      <row>
-                        <entry><filename>/var/cache/<replaceable>package</replaceable></filename></entry>
-                        <entry>Persistent cache data of the package. If this directory is flushed the application should work correctly on next invocation, though possibly slowed down due to the need to rebuild any local cache files. The application must be capable of recreating this directory should it be missing and necessary.</entry>
-                      </row>
-                      <row>
-                        <entry><filename>/var/lib/<replaceable>package</replaceable></filename></entry>
-                        <entry>Persistent private data of the package. This is the primary place to put persistent data that does not fall into the other categories listed. Packages should be able to create the necessary subdirectories in this tree on their own, since the directory might be missing on boot. Alternatively, a <citerefentry><refentrytitle>tmpfiles.d</refentrytitle><manvolnum>5</manvolnum></citerefentry> fragment may be used to create the necessary directories during boot.</entry>
-                      </row>
-                      <row>
-                        <entry><filename>/var/log/<replaceable>package</replaceable></filename></entry>
-                        <entry>Persistent log data of the package. As above, the package should make sure to create this directory if necessary, as it might be missing.</entry>
-                      </row>
-                      <row>
-                        <entry><filename>/var/spool/<replaceable>package</replaceable></filename></entry>
-                        <entry>Persistent spool/queue data of the package. As above, the package should make sure to create this directory if necessary, as it might be missing.</entry>
-                      </row>
-                    </tbody>
-                  </tgroup>
-                </table>
-        </refsect1>
-
-        <refsect1>
-                <title>User Packages</title>
-
-                <para>Programs running in user context should follow
-                strict rules when placing their own files in the
-                user's home directory. The following table lists
-                recommended locations in the home directory for
-                specific types of files supplied by the vendor if the
-                application is installed in the home directory. (Note
-                however, that user applications installed system-wide
-                should follow the rules outlined above regarding
-                placing vendor files.)</para>
-
-                <table>
-                  <title>User Package Vendor File Locations</title>
-                  <tgroup cols='2' align='left' colsep='1' rowsep='1'>
-                    <colspec colname="directory" />
-                    <colspec colname="purpose" />
-                    <thead>
-                      <row>
-                        <entry>Directory</entry>
-                        <entry>Purpose</entry>
-                      </row>
-                    </thead>
-                    <tbody>
-                      <row>
-                        <entry><filename>~/.local/bin</filename></entry>
-                        <entry>Package executables that shall appear in the <varname>$PATH</varname> executable search path. It is not recommended to place internal executables or executables that are not commonly invoked from the shell in this directory, such as daemon executables. As this directory is shared with most other packages of the user special care should be taken to pick unique names for files placed here, that are unlikely to clash with other package's files.</entry>
-                      </row>
-                      <row>
-                        <entry><filename>~/.local/lib/<replaceable>arch-id</replaceable></filename></entry>
-                        <entry>Public shared libraries of the package. As above, be careful with using too generic names, and pick unique names for your libraries to place here to avoid name clashes.</entry>
-                      </row>
-                      <row>
-                        <entry><filename>~/.local/lib/<replaceable>package</replaceable></filename></entry>
-                        <entry>Private, static vendor resources of the package, compatible with any architecture, or any other kind of read-only vendor data.</entry>
-                      </row>
-                      <row>
-                        <entry><filename>~/.local/lib/<replaceable>arch-id</replaceable>/<replaceable>package</replaceable></filename></entry>
-                        <entry>Private other vendor resources of the package that are architecture-specific and cannot be shared between architectures.</entry>
-                      </row>
-                    </tbody>
-                  </tgroup>
-                </table>
-
-                <para>Additional static vendor files may be installed
-                in the <filename>~/.local/share</filename> hierarchy,
-                to the locations defined by the various relevant
-                specifications.</para>
-
-                <para>During runtime and for local configuration and
-                state additional directories are defined:</para>
-
-                <table>
-                  <title>User Package Variable File Locations</title>
-                  <tgroup cols='2' align='left' colsep='1' rowsep='1'>
-                    <colspec colname="directory" />
-                    <colspec colname="purpose" />
-                    <thead>
-                      <row>
-                        <entry>Directory</entry>
-                        <entry>Purpose</entry>
-                      </row>
-                    </thead>
-                    <tbody>
-                      <row>
-                        <entry><filename>~/.config/<replaceable>package</replaceable></filename></entry>
-                        <entry>User-specific configuration and state for the package. It is required to default to safe fallbacks if this configuration is missing.</entry>
-                      </row>
-                      <row>
-                        <entry><filename><varname>$XDG_RUNTIME_DIR</varname>/<replaceable>package</replaceable></filename></entry>
-                        <entry>User runtime data for the package.</entry>
-                      </row>
-                      <row>
-                        <entry><filename>~/.cache/<replaceable>package</replaceable></filename></entry>
-                        <entry>Persistent cache data of the package. If this directory is flushed the application should work correctly on next invocation, though possibly slowed down due to the need to rebuild any local cache files. The application must be capable of recreating this directory should it be missing and necessary.</entry>
-                      </row>
-                    </tbody>
-                  </tgroup>
-                </table>
-        </refsect1>
-
-        <refsect1>
-                <title>See Also</title>
-                <para>
-                        <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
-                        <citerefentry project='man-pages'><refentrytitle>hier</refentrytitle><manvolnum>7</manvolnum></citerefentry>,
-                        <citerefentry><refentrytitle>systemd-path</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
-                        <citerefentry><refentrytitle>systemd-efi-boot-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
-                        <citerefentry><refentrytitle>sysctl.d</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
-                        <citerefentry><refentrytitle>tmpfiles.d</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
-                        <citerefentry project='die-net'><refentrytitle>pkg-config</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
-                        <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>
-                </para>
-        </refsect1>
+  <refentryinfo>
+    <title>file-hierarchy</title>
+    <productname>systemd</productname>
+
+    <authorgroup>
+      <author>
+        <contrib>Developer</contrib>
+        <firstname>Lennart</firstname>
+        <surname>Poettering</surname>
+        <email>lennart@poettering.net</email>
+      </author>
+    </authorgroup>
+  </refentryinfo>
+
+  <refmeta>
+    <refentrytitle>file-hierarchy</refentrytitle>
+    <manvolnum>7</manvolnum>
+  </refmeta>
+
+  <refnamediv>
+    <refname>file-hierarchy</refname>
+    <refpurpose>File system hierarchy overview</refpurpose>
+  </refnamediv>
+
+  <refsect1>
+    <title>Description</title>
+
+    <para>Operating systems using the
+    <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>
+    system and service manager are organized based on a file system
+    hierarchy inspired by UNIX, more specifically the hierarchy
+    described in the <ulink
+    url="http://refspecs.linuxfoundation.org/FHS_2.3/fhs-2.3.html">File
+    System Hierarchy</ulink> specification and
+    <citerefentry project='man-pages'><refentrytitle>hier</refentrytitle><manvolnum>7</manvolnum></citerefentry>.
+    This manual page describes a more minimal, modernized subset of
+    these specifications that defines more strictly the suggestions
+    and restrictions systemd makes on the file system
+    hierarchy.</para>
+
+    <para>Many of the paths described here are queriable
+    with the
+    <citerefentry><refentrytitle>systemd-path</refentrytitle><manvolnum>1</manvolnum></citerefentry>
+    tool.</para>
+  </refsect1>
+
+  <refsect1>
+    <title>General Structure</title>
+
+    <variablelist>
+      <varlistentry>
+        <term><filename>/</filename></term>
+        <listitem><para>The file system root. Usually writable, but
+        this is not required. Possibly a temporary file system
+        (<literal>tmpfs</literal>). Not shared with other hosts
+        (unless read-only). </para></listitem>
+      </varlistentry>
+
+      <varlistentry>
+        <term><filename>/boot</filename></term>
+        <listitem><para>The boot partition used for bringing up the
+        system. On EFI systems this is possibly the EFI System
+        Partition, also see
+        <citerefentry><refentrytitle>systemd-efi-boot-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry>.
+        This directory is usually strictly local to the host, and
+        should be considered read-only, except when a new kernel or
+        boot loader is installed. This directory only exists on
+        systems that run on physical or emulated hardware that
+        requires boot loaders.</para></listitem>
+      </varlistentry>
+
+      <varlistentry>
+        <term><filename>/etc</filename></term>
+        <listitem><para>System-specific configuration. This directory
+        may or may not be read-only. Frequently, this directory is
+        pre-populated with vendor-supplied configuration files, but
+        applications should not make assumptions about this directory
+        being fully populated or populated at all, and should fall
+        back to defaults if configuration is
+        missing.</para></listitem>
+      </varlistentry>
+
+      <varlistentry>
+        <term><filename>/home</filename></term>
+        <listitem><para>The location for normal user's home
+        directories. Possibly shared with other systems, and never
+        read-only. This directory should only be used for normal
+        users, never for system users. This directory and possibly the
+        directories contained within it might only become available or
+        writable in late boot or even only after user authentication.
+        This directory might be placed on limited-functionality
+        network file systems, hence applications should not assume the
+        full set of file API is available on this directory.
+        Applications should generally not reference this directory
+        directly, but via the per-user <varname>$HOME</varname>
+        environment variable, or via the home directory field of the
+        user database.</para></listitem>
+      </varlistentry>
+
+      <varlistentry>
+        <term><filename>/root</filename></term>
+        <listitem><para>The home directory of the root user. The root
+        user's home directory is located outside of
+        <filename>/home</filename> in order to make sure the root user
+        may log in even without <filename>/home</filename> being
+        available and mounted.</para></listitem>
+      </varlistentry>
+
+      <varlistentry>
+        <term><filename>/srv</filename></term>
+        <listitem><para>The place to store general server payload,
+        managed by the administrator. No restrictions are made how
+        this directory is organized internally. Generally writable,
+        and possibly shared among systems. This directory might become
+        available or writable only very late during
+        boot.</para></listitem>
+      </varlistentry>
+
+      <varlistentry>
+        <term><filename>/tmp</filename></term>
+        <listitem><para>The place for small temporary files. This
+        directory is usually mounted as a <literal>tmpfs</literal>
+        instance, and should hence not be used for larger files. (Use
+        <filename>/var/tmp</filename> for larger files.) Since the
+        directory is accessible to other users of the system it is
+        essential that this directory is only written to with the
+        <citerefentry project='man-pages'><refentrytitle>mkstemp</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
+        <citerefentry project='man-pages'><refentrytitle>mkdtemp</refentrytitle><manvolnum>3</manvolnum></citerefentry>
+        and related calls. This directory is usually flushed at
+        boot-up. Also, files that are not accessed within a certain
+        time are usually automatically deleted. If applications find
+        the environment variable <varname>$TMPDIR</varname> set they
+        should prefer using the directory specified in it over
+        directly referencing <filename>/tmp</filename> (see
+        <citerefentry project='man-pages'><refentrytitle>environ</refentrytitle><manvolnum>7</manvolnum></citerefentry>
+        and
+        <ulink url="http://pubs.opengroup.org/onlinepubs/9699919799/basedefs/V1_chap08.html#tag_08_03">IEEE
+        Std 1003.1</ulink> for details).</para></listitem>
+      </varlistentry>
+
+    </variablelist>
+  </refsect1>
+
+  <refsect1>
+    <title>Runtime Data</title>
+
+    <variablelist>
+      <varlistentry>
+        <term><filename>/run</filename></term>
+        <listitem><para>A <literal>tmpfs</literal> file system for
+        system packages to place runtime data in. This directory is
+        flushed on boot, and generally writable for privileged
+        programs only. Always writable.</para></listitem>
+      </varlistentry>
+
+      <varlistentry>
+        <term><filename>/run/log</filename></term>
+        <listitem><para>Runtime system logs. System components may
+        place private logs in this directory. Always writable, even
+        when <filename>/var/log</filename> might not be accessible
+        yet.</para></listitem>
+      </varlistentry>
+
+      <varlistentry>
+        <term><filename>/run/user</filename></term>
+        <listitem><para>Contains per-user runtime directories, each
+        usually individually mounted <literal>tmpfs</literal>
+        instances. Always writable, flushed at each reboot and when
+        the user logs out. User code should not reference this
+        directory directly, but via the
+        <varname>$XDG_RUNTIME_DIR</varname> environment variable, as
+        documented in the <ulink
+        url="http://standards.freedesktop.org/basedir-spec/basedir-spec-latest.html">XDG
+        Base Directory Specification</ulink>.</para></listitem>
+      </varlistentry>
+    </variablelist>
+  </refsect1>
+
+  <refsect1>
+    <title>Vendor-supplied Operating System Resources</title>
+
+    <variablelist>
+
+      <varlistentry>
+        <term><filename>/usr</filename></term>
+        <listitem><para>Vendor-supplied operating system resources.
+        Usually read-only, but this is not required. Possibly shared
+        between multiple hosts. This directory should not be modified
+        by the administrator, except when installing or removing
+        vendor-supplied packages.</para></listitem>
+      </varlistentry>
+
+      <varlistentry>
+        <term><filename>/usr/bin</filename></term>
+        <listitem><para>Binaries and executables for user commands,
+        that shall appear in the <varname>$PATH</varname> search path.
+        It is recommended not to place binaries in this directory that
+        are not useful for invocation from a shell (such as daemon
+        binaries); these should be placed in a subdirectory of
+        <filename>/usr/lib</filename> instead.</para></listitem>
+      </varlistentry>
+
+      <varlistentry>
+        <term><filename>/usr/include</filename></term>
+        <listitem><para>C and C++ API header files of system
+        libraries.</para></listitem>
+      </varlistentry>
+
+      <varlistentry>
+        <term><filename>/usr/lib</filename></term>
+        <listitem><para>Static, private vendor data that is compatible
+        with all architectures (though not necessarily
+        architecture-independent). Note that this includes internal
+        executables or other binaries that are not regularly invoked
+        from a shell. Such binaries may be for any architecture
+        supported by the system. Do not place public libraries in this
+        directory, use <varname>$libdir</varname> (see below),
+        instead.</para></listitem>
+      </varlistentry>
+
+      <varlistentry>
+        <term><filename>/usr/lib/<replaceable>arc