author: Alejandro Colomar <alx@kernel.org>, 2023-02-05 23:14:38 +0100
committer: Alejandro Colomar <alx@kernel.org>, 2023-02-05 23:14:42 +0100
commit: cdede5cdd1b0ba75135d3b32d96354026e96f866 (patch)
tree: f21d7604d25b2de607ef5471e5e180094231e046 /man7
parent: f29fc8dcf0da15a596a7cdc7e5a0b2932100b522 (diff)
download: man-pages-cdede5cdd1b0ba75135d3b32d96354026e96f866.tar.gz
Many pages: Use \[bu] instead of \(bu
Signed-off-by: Alejandro Colomar <alx@kernel.org>
Diffstat (limited to 'man7')
-rw-r--r-- man7/bpf-helpers.7 | 198
-rw-r--r-- man7/capabilities.7 | 266
-rw-r--r-- man7/cgroup_namespaces.7 | 10
-rw-r--r-- man7/cgroups.7 | 94
-rw-r--r-- man7/cpuset.7 | 24
-rw-r--r-- man7/credentials.7 | 18
-rw-r--r-- man7/environ.7 | 20
-rw-r--r-- man7/epoll.7 | 34
-rw-r--r-- man7/fanotify.7 | 6
-rw-r--r-- man7/feature_test_macros.7 | 48
-rw-r--r-- man7/inotify.7 | 14
-rw-r--r-- man7/ip.7 | 16
-rw-r--r-- man7/ipc_namespaces.7 | 6
-rw-r--r-- man7/kernel_lockdown.7 | 32
-rw-r--r-- man7/keyrings.7 | 8
-rw-r--r-- man7/landlock.7 | 6
-rw-r--r-- man7/man-pages.7 | 46
-rw-r--r-- man7/mount_namespaces.7 | 4
-rw-r--r-- man7/mq_overview.7 | 12
-rw-r--r-- man7/namespaces.7 | 36
-rw-r--r-- man7/nptl.7 | 10
-rw-r--r-- man7/packet.7 | 12
-rw-r--r-- man7/pthreads.7 | 90
-rw-r--r-- man7/queue.7 | 44
-rw-r--r-- man7/random.7 | 4
-rw-r--r-- man7/rtld-audit.7 | 6
-rw-r--r-- man7/sched.7 | 34
-rw-r--r-- man7/signal-safety.7 | 12
-rw-r--r-- man7/signal.7 | 82
-rw-r--r-- man7/string_copying.7 | 50
-rw-r--r-- man7/symlink.7 | 22
-rw-r--r-- man7/time_namespaces.7 | 8
-rw-r--r-- man7/unicode.7 | 12
-rw-r--r-- man7/unix.7 | 6
-rw-r--r-- man7/user_namespaces.7 | 58
35 files changed, 674 insertions, 674 deletions
diff --git a/man7/bpf-helpers.7 b/man7/bpf-helpers.7
index 46441f0f25..14523f0254 100644
--- a/man7/bpf-helpers.7
+++ b/man7/bpf-helpers.7
@@ -184,26 +184,26 @@ In the above:
.INDENT 7.0
.INDENT 3.5
.INDENT 0.0
-.IP \(bu 2
+.IP \[bu] 2
\fBtelnet\fP is the name of the current task.
-.IP \(bu 2
+.IP \[bu] 2
\fB470\fP is the PID of the current task.
-.IP \(bu 2
+.IP \[bu] 2
\fB001\fP is the CPU number on which the task is
running.
-.IP \(bu 2
+.IP \[bu] 2
In \fB\&.N..\fP, each character refers to a set of
options (whether irqs are enabled, scheduling
options, whether hard/softirqs are running, level of
preempt_disabled respectively). \fBN\fP means that
\fBTIF_NEED_RESCHED\fP and \fBPREEMPT_NEED_RESCHED\fP
are set.
-.IP \(bu 2
+.IP \[bu] 2
\fB419421.045894\fP is a timestamp.
-.IP \(bu 2
+.IP \[bu] 2
\fB0x00000001\fP is a fake value used by BPF for the
instruction pointer register.
-.IP \(bu 2
+.IP \[bu] 2
\fB<formatted msg>\fP is the message formatted with
\fIfmt\fP\&.
.UNINDENT
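Review bot: The `.INDENT`/`.UNINDENT` macros and inline `\fB...\fP` escapes around these seven `.IP` lines are the style a reStructuredText-to-man converter emits, not the hand-written `.B`/`.BR` style used in capabilities.7 in the same commit. If bpf-helpers.7 is regenerated from its source, the next regeneration will bring `\(bu` back and silently undo every `.IP` change made to this file. Suggest applying the substitution in the generation step (or as a post-processing pass), or recording in the commit message that the file has to be re-patched after each regeneration.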
@@ -752,11 +752,11 @@ and can be used with programs attached to TC or XDP as well,
where it allows for passing data to user space listeners. Data
can be:
.INDENT 7.0
-.IP \(bu 2
+.IP \[bu] 2
Only custom structs,
-.IP \(bu 2
+.IP \[bu] 2
Only the packet payload, or
-.IP \(bu 2
+.IP \[bu] 2
A combination of both.
.UNINDENT
.TP
@@ -854,13 +854,13 @@ to the helper).
.sp
This is flexible enough to be used in several ways:
.INDENT 7.0
-.IP \(bu 2
+.IP \[bu] 2
With \fIfrom_size\fP == 0, \fIto_size\fP > 0 and \fIseed\fP set to
checksum, it can be used when pushing new data.
-.IP \(bu 2
+.IP \[bu] 2
With \fIfrom_size\fP > 0, \fIto_size\fP == 0 and \fIseed\fP set to
checksum, it can be used when removing data from a packet.
-.IP \(bu 2
+.IP \[bu] 2
With \fIfrom_size\fP > 0, \fIto_size\fP > 0 and \fIseed\fP set to 0, it
can be used to compute a diff. Note that \fIfrom_size\fP and
\fIto_size\fP do not need to be equal.
@@ -987,11 +987,11 @@ Check whether \fIskb\fP is a descendant of the cgroup2 held by
.B Return
The return value depends on the result of the test, and can be:
.INDENT 7.0
-.IP \(bu 2
+.IP \[bu] 2
0, if the \fIskb\fP failed the cgroup2 descendant test.
-.IP \(bu 2
+.IP \[bu] 2
1, if the \fIskb\fP succeeded the cgroup2 descendant test.
-.IP \(bu 2
+.IP \[bu] 2
A negative error code, if an error occurred.
.UNINDENT
.UNINDENT
@@ -1060,11 +1060,11 @@ subset of the cgroup2 hierarchy. The cgroup2 to test is held by
.B Return
The return value depends on the result of the test, and can be:
.INDENT 7.0
-.IP \(bu 2
+.IP \[bu] 2
1, if current task belongs to the cgroup2.
-.IP \(bu 2
+.IP \[bu] 2
0, if current task does not belong to the cgroup2.
-.IP \(bu 2
+.IP \[bu] 2
A negative error code, if an error occurred.
.UNINDENT
.UNINDENT
@@ -1332,9 +1332,9 @@ The option value of length \fIoptlen\fP is pointed by \fIoptval\fP\&.
.sp
\fIbpf_socket\fP should be one of the following:
.INDENT 7.0
-.IP \(bu 2
+.IP \[bu] 2
\fBstruct bpf_sock_ops\fP for \fBBPF_PROG_TYPE_SOCK_OPS\fP\&.
-.IP \(bu 2
+.IP \[bu] 2
\fBstruct bpf_sock_addr\fP for \fBBPF_CGROUP_INET4_CONNECT\fP
and \fBBPF_CGROUP_INET6_CONNECT\fP\&.
.UNINDENT
@@ -1342,20 +1342,20 @@ and \fBBPF_CGROUP_INET6_CONNECT\fP\&.
This helper actually implements a subset of \fBsetsockopt()\fP\&.
It supports the following \fIlevel\fPs:
.INDENT 7.0
-.IP \(bu 2
+.IP \[bu] 2
\fBSOL_SOCKET\fP, which supports the following \fIoptname\fPs:
\fBSO_RCVBUF\fP, \fBSO_SNDBUF\fP, \fBSO_MAX_PACING_RATE\fP,
\fBSO_PRIORITY\fP, \fBSO_RCVLOWAT\fP, \fBSO_MARK\fP,
\fBSO_BINDTODEVICE\fP, \fBSO_KEEPALIVE\fP\&.
-.IP \(bu 2
+.IP \[bu] 2
\fBIPPROTO_TCP\fP, which supports the following \fIoptname\fPs:
\fBTCP_CONGESTION\fP, \fBTCP_BPF_IW\fP,
\fBTCP_BPF_SNDCWND_CLAMP\fP, \fBTCP_SAVE_SYN\fP,
\fBTCP_KEEPIDLE\fP, \fBTCP_KEEPINTVL\fP, \fBTCP_KEEPCNT\fP,
\fBTCP_SYNCNT\fP, \fBTCP_USER_TIMEOUT\fP, \fBTCP_NOTSENT_LOWAT\fP\&.
-.IP \(bu 2
+.IP \[bu] 2
\fBIPPROTO_IP\fP, which supports \fIoptname\fP \fBIP_TOS\fP\&.
-.IP \(bu 2
+.IP \[bu] 2
\fBIPPROTO_IPV6\fP, which supports \fIoptname\fP \fBIPV6_TCLASS\fP\&.
.UNINDENT
.TP
@@ -1374,18 +1374,18 @@ By default, the helper will reset any offloaded checksum
indicator of the skb to CHECKSUM_NONE. This can be avoided
by the following flag:
.INDENT 7.0
-.IP \(bu 2
+.IP \[bu] 2
\fBBPF_F_ADJ_ROOM_NO_CSUM_RESET\fP: Do not reset offloaded
checksum data of the skb to CHECKSUM_NONE.
.UNINDENT
.sp
There are two supported modes at this time:
.INDENT 7.0
-.IP \(bu 2
+.IP \[bu] 2
\fBBPF_ADJ_ROOM_MAC\fP: Adjust room at the mac layer
(room space is added or removed between the layer 2 and
layer 3 headers).
-.IP \(bu 2
+.IP \[bu] 2
\fBBPF_ADJ_ROOM_NET\fP: Adjust room at the network layer
(room space is added or removed between the layer 3 and
layer 4 headers).
@@ -1393,23 +1393,23 @@ layer 4 headers).
.sp
The following flags are supported at this time:
.INDENT 7.0
-.IP \(bu 2
+.IP \[bu] 2
\fBBPF_F_ADJ_ROOM_FIXED_GSO\fP: Do not adjust gso_size.
Adjusting mss in this way is not allowed for datagrams.
-.IP \(bu 2
+.IP \[bu] 2
\fBBPF_F_ADJ_ROOM_ENCAP_L3_IPV4\fP,
\fBBPF_F_ADJ_ROOM_ENCAP_L3_IPV6\fP:
Any new space is reserved to hold a tunnel header.
Configure skb offsets and other fields accordingly.
-.IP \(bu 2
+.IP \[bu] 2
\fBBPF_F_ADJ_ROOM_ENCAP_L4_GRE\fP,
\fBBPF_F_ADJ_ROOM_ENCAP_L4_UDP\fP:
Use with ENCAP_L3 flags to further specify the tunnel type.
-.IP \(bu 2
+.IP \[bu] 2
\fBBPF_F_ADJ_ROOM_ENCAP_L2\fP(\fIlen\fP):
Use with ENCAP_L3/L4 flags to further specify the tunnel
type; \fIlen\fP is the length of the inner MAC header.
-.IP \(bu 2
+.IP \[bu] 2
\fBBPF_F_ADJ_ROOM_ENCAP_L2_ETH\fP:
Use with BPF_F_ADJ_ROOM_ENCAP_L2 flag to further specify the
L2 type as Ethernet.
@@ -1616,9 +1616,9 @@ The retrieved value is stored in the structure pointed by
.sp
\fIbpf_socket\fP should be one of the following:
.INDENT 7.0
-.IP \(bu 2
+.IP \[bu] 2
\fBstruct bpf_sock_ops\fP for \fBBPF_PROG_TYPE_SOCK_OPS\fP\&.
-.IP \(bu 2
+.IP \[bu] 2
\fBstruct bpf_sock_addr\fP for \fBBPF_CGROUP_INET4_CONNECT\fP
and \fBBPF_CGROUP_INET6_CONNECT\fP\&.
.UNINDENT
@@ -1626,12 +1626,12 @@ and \fBBPF_CGROUP_INET6_CONNECT\fP\&.
This helper actually implements a subset of \fBgetsockopt()\fP\&.
It supports the following \fIlevel\fPs:
.INDENT 7.0
-.IP \(bu 2
+.IP \[bu] 2
\fBIPPROTO_TCP\fP, which supports \fIoptname\fP
\fBTCP_CONGESTION\fP\&.
-.IP \(bu 2
+.IP \[bu] 2
\fBIPPROTO_IP\fP, which supports \fIoptname\fP \fBIP_TOS\fP\&.
-.IP \(bu 2
+.IP \[bu] 2
\fBIPPROTO_IPV6\fP, which supports \fIoptname\fP \fBIPV6_TCLASS\fP\&.
.UNINDENT
.TP
@@ -1688,13 +1688,13 @@ supported in the current kernel.
.sp
\fIargval\fP is a flag array which can combine these flags:
.INDENT 7.0
-.IP \(bu 2
+.IP \[bu] 2
\fBBPF_SOCK_OPS_RTO_CB_FLAG\fP (retransmission time out)
-.IP \(bu 2
+.IP \[bu] 2
\fBBPF_SOCK_OPS_RETRANS_CB_FLAG\fP (retransmission)
-.IP \(bu 2
+.IP \[bu] 2
\fBBPF_SOCK_OPS_STATE_CB_FLAG\fP (TCP state change)
-.IP \(bu 2
+.IP \[bu] 2
\fBBPF_SOCK_OPS_RTT_CB_FLAG\fP (every RTT)
.UNINDENT
.sp
@@ -1710,15 +1710,15 @@ callback:
Here are some examples of where one could call such eBPF
program:
.INDENT 7.0
-.IP \(bu 2
+.IP \[bu] 2
When RTO fires.
-.IP \(bu 2
+.IP \[bu] 2
When a packet is retransmitted.
-.IP \(bu 2
+.IP \[bu] 2
When the connection terminates.
-.IP \(bu 2
+.IP \[bu] 2
When a packet is sent.
-.IP \(bu 2
+.IP \[bu] 2
When a packet is received.
.UNINDENT
.TP
@@ -1756,11 +1756,11 @@ the next \fIbytes\fP (number of bytes) of message \fImsg\fP\&.
.sp
For example, this helper can be used in the following cases:
.INDENT 7.0
-.IP \(bu 2
+.IP \[bu] 2
A single \fBsendmsg\fP() or \fBsendfile\fP() system call
contains multiple logical messages that the eBPF program is
supposed to read and for which it should apply a verdict.
-.IP \(bu 2
+.IP \[bu] 2
An eBPF program only cares to read the first \fIbytes\fP of a
\fImsg\fP\&. If the message has a large payload, then setting up
and calling the eBPF program repeatedly for all bytes, even
@@ -2022,11 +2022,11 @@ ingress).
.TP
.B Return
.INDENT 7.0
-.IP \(bu 2
+.IP \[bu] 2
< 0 if any input argument is invalid
-.IP \(bu 2
+.IP \[bu] 2
0 on success (packet is forwarded, nexthop neighbor exists)
-.IP \(bu 2
+.IP \[bu] 2
> 0 one of \fBBPF_FIB_LKUP_RET_\fP codes explaining why the
packet is not forwarded or needs assist from full stack
.UNINDENT
@@ -2565,55 +2565,55 @@ spinlock can (and must) later be released with a call to
Spinlocks in BPF programs come with a number of restrictions
and constraints:
.INDENT 7.0
-.IP \(bu 2
+.IP \[bu] 2
\fBbpf_spin_lock\fP objects are only allowed inside maps of
types \fBBPF_MAP_TYPE_HASH\fP and \fBBPF_MAP_TYPE_ARRAY\fP (this
list could be extended in the future).
-.IP \(bu 2
+.IP \[bu] 2
BTF description of the map is mandatory.
-.IP \(bu 2
+.IP \[bu] 2
The BPF program can take ONE lock at a time, since taking two
or more could cause dead locks.
-.IP \(bu 2
+.IP \[bu] 2
Only one \fBstruct bpf_spin_lock\fP is allowed per map element.
-.IP \(bu 2
+.IP \[bu] 2
When the lock is taken, calls (either BPF to BPF or helpers)
are not allowed.
-.IP \(bu 2
+.IP \[bu] 2
The \fBBPF_LD_ABS\fP and \fBBPF_LD_IND\fP instructions are not
allowed inside a spinlock\-ed region.
-.IP \(bu 2
+.IP \[bu] 2
The BPF program MUST call \fBbpf_spin_unlock\fP() to release
the lock, on all execution paths, before it returns.
-.IP \(bu 2
+.IP \[bu] 2
The BPF program can access \fBstruct bpf_spin_lock\fP only via
the \fBbpf_spin_lock\fP() and \fBbpf_spin_unlock\fP()
helpers. Loading or storing data into the \fBstruct
bpf_spin_lock\fP \fIlock\fP\fB;\fP field of a map is not allowed.
-.IP \(bu 2
+.IP \[bu] 2
To use the \fBbpf_spin_lock\fP() helper, the BTF description
of the map value must be a struct and have \fBstruct
bpf_spin_lock\fP \fIanyname\fP\fB;\fP field at the top level.
Nested lock inside another struct is not allowed.
-.IP \(bu 2
+.IP \[bu] 2
The \fBstruct bpf_spin_lock\fP \fIlock\fP field in a map value must
be aligned on a multiple of 4 bytes in that value.
-.IP \(bu 2
+.IP \[bu] 2
Syscall with command \fBBPF_MAP_LOOKUP_ELEM\fP does not copy
the \fBbpf_spin_lock\fP field to user space.
-.IP \(bu 2
+.IP \[bu] 2
Syscall with command \fBBPF_MAP_UPDATE_ELEM\fP, or update from
a BPF program, do not update the \fBbpf_spin_lock\fP field.
-.IP \(bu 2
+.IP \[bu] 2
\fBbpf_spin_lock\fP cannot be on the stack or inside a
networking packet (it can only be inside of a map values).
-.IP \(bu 2
+.IP \[bu] 2
\fBbpf_spin_lock\fP is available to root only.
-.IP \(bu 2
+.IP \[bu] 2
Tracing programs and socket filter programs cannot use
\fBbpf_spin_lock\fP() due to insufficient preemption checks
(but this may change in the future).
-.IP \(bu 2
+.IP \[bu] 2
\fBbpf_spin_lock\fP is not allowed in inner maps of map\-in\-map.
.UNINDENT
.TP
@@ -3281,11 +3281,11 @@ selection.
.sp
\fIflags\fP argument can combination of following values:
.INDENT 7.0
-.IP \(bu 2
+.IP \[bu] 2
\fBBPF_SK_LOOKUP_F_REPLACE\fP to override the previous
socket selection, potentially done by a BPF program
that ran before us.
-.IP \(bu 2
+.IP \[bu] 2
\fBBPF_SK_LOOKUP_F_NO_REUSEPORT\fP to skip
load\-balancing within reuseport group for the socket
being selected.
@@ -3296,20 +3296,20 @@ On success \fIctx\->sk\fP will point to the selected socket.
.B Return
0 on success, or a negative errno in case of failure.
.INDENT 7.0
-.IP \(bu 2
+.IP \[bu] 2
\fB\-EAFNOSUPPORT\fP if socket family (\fIsk\->family\fP) is
not compatible with packet family (\fIctx\->family\fP).
-.IP \(bu 2
+.IP \[bu] 2
\fB\-EEXIST\fP if socket has been already selected,
potentially by another program, and
\fBBPF_SK_LOOKUP_F_REPLACE\fP flag was not specified.
-.IP \(bu 2
+.IP \[bu] 2
\fB\-EINVAL\fP if unsupported flags were specified.
-.IP \(bu 2
+.IP \[bu] 2
\fB\-EPROTOTYPE\fP if socket L4 protocol
(\fIsk\->protocol\fP) doesn\[aq]t match packet protocol
(\fIctx\->protocol\fP).
-.IP \(bu 2
+.IP \[bu] 2
\fB\-ESOCKTNOSUPPORT\fP if socket is not in allowed
state (TCP listening or UDP unconnected).
.UNINDENT
@@ -3490,13 +3490,13 @@ Nothing. Always succeeds.
Query various characteristics of provided ring buffer. What
exactly is queries is determined by \fIflags\fP:
.INDENT 7.0
-.IP \(bu 2
+.IP \[bu] 2
\fBBPF_RB_AVAIL_DATA\fP: Amount of data not yet consumed.
-.IP \(bu 2
+.IP \[bu] 2
\fBBPF_RB_RING_SIZE\fP: The size of ring buffer.
-.IP \(bu 2
+.IP \[bu] 2
\fBBPF_RB_CONS_POS\fP: Consumer position (can wrap around).
-.IP \(bu 2
+.IP \[bu] 2
\fBBPF_RB_PROD_POS\fP: Producer(s) position (can wrap around).
.UNINDENT
.sp
@@ -3529,16 +3529,16 @@ stack instead of just egressing at tc.
.sp
There are three supported level settings at this time:
.INDENT 7.0
-.IP \(bu 2
+.IP \[bu] 2
\fBBPF_CSUM_LEVEL_INC\fP: Increases skb\->csum_level for skbs
with CHECKSUM_UNNECESSARY.
-.IP \(bu 2
+.IP \[bu] 2
\fBBPF_CSUM_LEVEL_DEC\fP: Decreases skb\->csum_level for skbs
with CHECKSUM_UNNECESSARY.
-.IP \(bu 2
+.IP \[bu] 2
\fBBPF_CSUM_LEVEL_RESET\fP: Resets skb\->csum_level to 0 and
sets CHECKSUM_NONE to force checksum validation by the stack.
-.IP \(bu 2
+.IP \[bu] 2
\fBBPF_CSUM_LEVEL_QUERY\fP: No\-op, returns the current
skb\->csum_level.
.UNINDENT
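Review bot: The context line `There are three supported level settings at this time:` is followed by four bullets (`BPF_CSUM_LEVEL_INC`, `BPF_CSUM_LEVEL_DEC`, `BPF_CSUM_LEVEL_RESET`, `BPF_CSUM_LEVEL_QUERY`), so the count and the list disagree. That is not introduced by this change and should stay out of a mechanical substitution commit, but it is worth a separate fix wherever this text originates, either by correcting the count or by dropping it.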
@@ -3686,7 +3686,7 @@ of a header option.
.sp
Supported flags:
.INDENT 7.0
-.IP \(bu 2
+.IP \[bu] 2
\fBBPF_LOAD_HDR_OPT_TCP_SYN\fP to search from the
saved_syn packet or the just\-received syn packet.
.UNINDENT
@@ -4166,9 +4166,9 @@ MTU value in your BPF\-code.
.TP
.B Return
.INDENT 7.0
-.IP \(bu 2
+.IP \[bu] 2
0 on success, and populate MTU value in \fImtu_len\fP pointer.
-.IP \(bu 2
+.IP \[bu] 2
< 0 if any input argument is invalid (\fImtu_len\fP not updated)
.UNINDENT
.sp
@@ -4176,9 +4176,9 @@ MTU violations return positive values, but also populate MTU
value in \fImtu_len\fP pointer, as this can be needed for
implementing PMTU handing:
.INDENT 7.0
-.IP \(bu 2
+.IP \[bu] 2
\fBBPF_MTU_CHK_RET_FRAG_NEEDED\fP
-.IP \(bu 2
+.IP \[bu] 2
\fBBPF_MTU_CHK_RET_SEGS_TOOBIG\fP
.UNINDENT
.UNINDENT
@@ -4378,11 +4378,11 @@ Expects BPF program context \fIctx\fP as a first argument.
.TP
.B Supported for the following program types:
.INDENT 7.0
-.IP \(bu 2
+.IP \[bu] 2
kprobe/uprobe;
-.IP \(bu 2
+.IP \[bu] 2
tracepoint;
-.IP \(bu 2
+.IP \[bu] 2
perf_event.
.UNINDENT
.UNINDENT
@@ -4992,9 +4992,9 @@ within a struct bpf_dynptr.
Example usage for most of the eBPF helpers listed in this manual page are
available within the Linux kernel sources, at the following locations:
.INDENT 0.0
-.IP \(bu 2
+.IP \[bu] 2
\fIsamples/bpf/\fP
-.IP \(bu 2
+.IP \[bu] 2
\fItools/testing/selftests/bpf/\fP
.UNINDENT
.SH LICENSE
@@ -5030,23 +5030,23 @@ check by yourself what helper functions exist in your kernel, or what types of
programs they can support, here are some files among the kernel tree that you
may be interested in:
.INDENT 0.0
-.IP \(bu 2
+.IP \[bu] 2
\fIinclude/uapi/linux/bpf.h\fP is the main BPF header. It contains the full list
of all helper functions, as well as many other BPF definitions including most
of the flags, structs or constants used by the helpers.
-.IP \(bu 2
+.IP \[bu] 2
\fInet/core/filter.c\fP contains the definition of most network\-related helper
functions, and the list of program types from which they can be used.
-.IP \(bu 2
+.IP \[bu] 2
\fIkernel/trace/bpf_trace.c\fP is the equivalent for most tracing program\-related
helpers.
-.IP \(bu 2
+.IP \[bu] 2
\fIkernel/bpf/verifier.c\fP contains the functions used to check that valid types
of eBPF maps are used with a given helper function.
-.IP \(bu 2
+.IP \[bu] 2
\fIkernel/bpf/\fP directory contains other files in which additional helpers are
defined (for cgroups, sockmaps, etc.).
-.IP \(bu 2
+.IP \[bu] 2
The bpftool utility can be used to probe the availability of helper functions
on the system (as well as supported program and map types, and a number of
other parameters). To do so, run \fBbpftool feature probe\fP (see
diff --git a/man7/capabilities.7 b/man7/capabilities.7
index 7c4268adfe..663e27d38c 100644
--- a/man7/capabilities.7
+++ b/man7/capabilities.7
@@ -85,12 +85,12 @@ capability.
.\" commit 124ea650d3072b005457faed69909221c2905a1f
.PD 0
.RS
-.IP \(bu 3
+.IP \[bu] 3
Update
.I /proc/sys/kernel/ns_last_pid
(see
.BR pid_namespaces (7));
-.IP \(bu
+.IP \[bu]
employ the
.I set_tid
feature of
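Review bot: The commit message gives no reason for preferring `\[bu]` over `\(bu` on these `.IP` lines, and nothing in the hunk shows one. `\(bu` is the classic two-character special-character escape, while the bracketed `\[bu]` form is a groff extension, so the change trades portability to older troff implementations for consistency with the bracketed escapes already present in this diff (for example `doesn\[aq]t` in bpf-helpers.7). Suggest stating that rationale in the commit message, and noting that the rendered pages were compared before and after, since a pure substitution with 674 insertions and 674 deletions should produce identical output.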
@@ -98,7 +98,7 @@ feature of
.\" FIXME There is also some use case relating to
.\" prctl_set_mm_exe_file(); in the 5.9 sources, see
.\" prctl_set_mm_map().
-.IP \(bu
+.IP \[bu]
read the contents of the symbolic links in
.IR /proc/ pid /map_files
for other processes.
@@ -121,13 +121,13 @@ Bypass file read, write, and execute permission checks.
.B CAP_DAC_READ_SEARCH
.PD 0
.RS
-.IP \(bu 3
+.IP \[bu] 3
Bypass file read permission checks and
directory read and execute permission checks;
-.IP \(bu
+.IP \[bu]
invoke
.BR open_by_handle_at (2);
-.IP \(bu
+.IP \[bu]
use the
.BR linkat (2)
.B AT_EMPTY_PATH
@@ -138,7 +138,7 @@ flag to create a link to a file referred to by a file descriptor.
.B CAP_FOWNER
.PD 0
.RS
-.IP \(bu 3
+.IP \[bu] 3
Bypass permission checks on operations that normally
require the filesystem UID of the process to match the UID of
the file (e.g.,
@@ -148,19 +148,19 @@ excluding those operations covered by
.B CAP_DAC_OVERRIDE
and
.BR CAP_DAC_READ_SEARCH ;
-.IP \(bu
+.IP \[bu]
set inode flags (see
.BR ioctl_iflags (2))
on arbitrary files;
-.IP \(bu
+.IP \[bu]
set Access Control Lists (ACLs) on arbitrary files;
-.IP \(bu
+.IP \[bu]
ignore directory sticky bit on file deletion;
-.IP \(bu
+.IP \[bu]
modify
.I user
extended attributes on sticky directory owned by any user;
-.IP \(bu
+.IP \[bu]
specify
.B O_NOATIME
for arbitrary files in
@@ -173,10 +173,10 @@ and
.B CAP_FSETID
.PD 0
.RS
-.IP \(bu 3
+.IP \[bu] 3
Don't clear set-user-ID and set-group-ID mode
bits when a file is modified;
-.IP \(bu
+.IP \[bu]
set the set-group-ID bit for a file whose GID does not match
the filesystem or any of the supplementary GIDs of the calling process.
.RE
@@ -187,13 +187,13 @@ the filesystem or any of the supplementary GIDs of the calling process.
.\" in other places; they probably should be replaced with something else.
.PD 0
.RS
-.IP \(bu 3
+.IP \[bu] 3
Lock memory
.RB ( mlock (2),
.BR mlockall (2),
.BR mmap (2),
.BR shmctl (2));
-.IP \(bu
+.IP \[bu]
Allocate memory using huge pages
.RB ( memfd_create (2),
.BR mmap (2),
@@ -245,23 +245,23 @@ Create special files using
Perform various network-related operations:
.PD 0
.RS
-.IP \(bu 3
+.IP \[bu] 3
interface configuration;
-.IP \(bu
+.IP \[bu]
administration of IP firewall, masquerading, and accounting;
-.IP \(bu
+.IP \[bu]
modify routing tables;
-.IP \(bu
+.IP \[bu]
bind to any address for transparent proxying;
-.IP \(bu
+.IP \[bu]
set type-of-service (TOS);
-.IP \(bu
+.IP \[bu]
clear driver statistics;
-.IP \(bu
+.IP \[bu]
set promiscuous mode;
-.IP \(bu
+.IP \[bu]
enabling multicasting;
-.IP \(bu
+.IP \[bu]
use
.BR setsockopt (2)
to set the following socket options:
@@ -287,9 +287,9 @@ Bind a socket to Internet domain privileged ports
.B CAP_NET_RAW
.PD 0
.RS
-.IP \(bu 3
+.IP \[bu] 3
Use RAW and PACKET sockets;
-.IP \(bu
+.IP \[bu]
bind to any address for transparent proxying.
.RE
.PD
@@ -298,11 +298,11 @@ bind to any address for transparent proxying.
.BR CAP_PERFMON " (since Linux 5.8)"
Employ various performance-monitoring mechanisms, including:
.RS
-.IP \(bu 3
+.IP \[bu] 3
.PD 0
call
.BR perf_event_open (2);
-.IP \(bu
+.IP \[bu]
employ various BPF operations that have performance implications.
.RE
.PD
@@ -317,11 +317,11 @@ See also the kernel source file
.B CAP_SETGID
.RS
.PD 0
-.IP \(bu 3
+.IP \[bu] 3
Make arbitrary manipulations of process GIDs and supplementary GID list;
-.IP \(bu
+.IP \[bu]
forge GID when passing socket credentials via UNIX domain sockets;
-.IP \(bu
+.IP \[bu]
write a group ID mapping in a user namespace (see
.BR user_namespaces (7)).
.PD
@@ -360,15 +360,15 @@ has entirely different semantics for such kernels.)
.B CAP_SETUID
.RS
.PD 0
-.IP \(bu 3
+.IP \[bu] 3
Make arbitrary manipulations of process UIDs
.RB ( setuid (2),
.BR setreuid (2),
.BR setresuid (2),
.BR setfsuid (2));
-.IP \(bu
+.IP \[bu]
forge UID when passing socket credentials via UNIX domain sockets;
-.IP \(bu
+.IP \[bu]
write a user ID mapping in a user namespace (see
.BR user_namespaces (7)).
.PD
@@ -383,7 +383,7 @@ below.
.IP
.PD 0
.RS
-.IP \(bu 3
+.IP \[bu] 3
Perform a range of system administration operations including:
.BR quotactl (2),
.BR mount (2),
@@ -394,53 +394,53 @@ Perform a range of system administration operations including:
.BR sethostname (2),
and
.BR setdomainname (2);
-.IP \(bu
+.IP \[bu]
perform privileged
.BR syslog (2)
operations (since Linux 2.6.37,
.B CAP_SYSLOG
should be used to permit such operations);
-.IP \(bu
+.IP \[bu]
perform
.B VM86_REQUEST_IRQ
.BR vm86 (2)
command;
-.IP \(bu
+.IP \[bu]
access the same checkpoint/restore functionality that is governed by
.B CAP_CHECKPOINT_RESTORE
(but the latter, weaker capability is preferred for accessing
that functionality).
-.IP \(bu
+.IP \[bu]
perform the same BPF operations as are governed by
.B CAP_BPF
(but the latter, weaker capability is preferred for accessing
that functionality).
-.IP \(bu
+.IP \[bu]
employ the same performance monitoring mechanisms as are governed by
.B CAP_PERFMON
(but the latter, weaker capability is preferred for accessing
that functionality).
-.IP \(bu
+.IP \[bu]
perform
.B IPC_SET
and
.B IPC_RMID
operations on arbitrary System V IPC objects;
-.IP \(bu
+.IP \[bu]
override
.B RLIMIT_NPROC
resource limit;
-.IP \(bu
+.IP \[bu]
perform operations on
.I trusted
and
.I security
extended attributes (see
.BR xattr (7));
-.IP \(bu
+.IP \[bu]
use
.BR lookup_dcookie (2);
-.IP \(bu
+.IP \[bu]
use
.BR ioprio_set (2)
to assign
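Review bot: Style point on the three bullets for `CAP_CHECKPOINT_RESTORE`, `CAP_BPF` and `CAP_PERFMON`: each ends with `that functionality).` while every other bullet visible in this list ends with a semicolon. Since the `.IP` lines directly around them are being touched anyway, a follow-up could change those three full stops to `;` so the list punctuation is uniform.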
@@ -448,9 +448,9 @@ to assign
and (before Linux 2.6.25)
.B IOPRIO_CLASS_IDLE
I/O scheduling classes;
-.IP \(bu
+.IP \[bu]
forge PID when passing socket credentials via UNIX domain sockets;
-.IP \(bu
+.IP \[bu]
exceed
.IR /proc/sys/fs/file\-max ,
the system-wide limit on the number of open files,
@@ -459,7 +459,7 @@ in system calls that open files (e.g.,
.BR execve (2),
.BR open (2),
.BR pipe (2));
-.IP \(bu
+.IP \[bu]
employ
.B CLONE_*
flags that create new namespaces with
@@ -468,11 +468,11 @@ and
.BR unshare (2)
(but, since Linux 3.8,
creating user namespaces does not require any capability);
-.IP \(bu
+.IP \[bu]
access privileged
.I perf
event information;
-.IP \(bu
+.IP \[bu]
call
.BR setns (2)
(requires
@@ -480,73 +480,73 @@ call
in the
.I target
namespace);
-.IP \(bu
+.IP \[bu]
call
.BR fanotify_init (2);
-.IP \(bu
+.IP \[bu]
perform privileged
.B KEYCTL_CHOWN
and
.B KEYCTL_SETPERM
.BR keyctl (2)
operations;
-.IP \(bu
+.IP \[bu]
perform
.BR madvise (2)
.B MADV_HWPOISON
operation;
-.IP \(bu
+.IP \[bu]
employ the
.B TIOCSTI
.BR ioctl (2)
to insert characters into the input queue of a terminal other than
the caller's controlling terminal;
-.IP \(bu
+.IP \[bu]
employ the obsolete
.BR nfsservctl (2)
system call;
-.IP \(bu
+.IP \[bu]
employ the obsolete
.BR bdflush (2)
system call;
-.IP \(bu
+.IP \[bu]
perform various privileged block-device
.BR ioctl (2)
operations;
-.IP \(bu
+.IP \[bu]
perform various privileged filesystem
.BR ioctl (2)
operations;
-.IP \(bu
+.IP \[bu]
perform privileged
.BR ioctl (2)
operations on the
.I /dev/random
device (see
.BR random (4));
-.IP \(bu
+.IP \[bu]
install a
.BR seccomp (2)
filter without first having to set the
.I no_new_privs
thread attribute;
-.IP \(bu
+.IP \[bu]
modify allow/deny rules for device control groups;
-.IP \(bu
+.IP \[bu]
employ the
.BR ptrace (2)
.B PTRACE_SECCOMP_GET_FILTER
operation to dump tracee's seccomp filters;
-.IP \(bu
+.IP \[bu]
employ the
.BR ptrace (2)
.B PTRACE_SETOPTIONS
operation to suspend the tracee's seccomp protections (i.e., the
.B PTRACE_O_SUSPEND_SECCOMP
flag);
-.IP \(bu
+.IP \[bu]
perform administrative operations on many device drivers;
-.IP \(bu
+.IP \[bu]
modify autogroup nice values by writing to
.IR /proc/ pid /autogroup
(see
@@ -563,10 +563,10 @@ and
.B CAP_SYS_CHROOT
.RS
.PD 0
-.IP \(bu 3
+.IP \[bu] 3
Use
.BR chroot (2);
-.IP \(bu
+.IP \[bu]
change mount namespaces using
.BR setns (2).
.PD
@@ -575,13 +575,13 @@ change mount namespaces using
.B CAP_SYS_MODULE
.RS
.PD 0
-.IP \(bu 3
+.IP \[bu] 3
Load and unload kernel modules
(see
.BR init_module (2)
and
.BR delete_module (2));
-.IP \(bu
+.IP \[bu]
before Linux 2.6.25:
drop capabilities from the system-wide capability bounding set.
.PD
@@ -590,24 +590,24 @@ drop capabilities from the system-wide capability bounding set.
.B CAP_SYS_NICE
.PD 0
.RS
-.IP \(bu 3
+.IP \[bu] 3
Lower the process nice value
.RB ( nice (2),
.BR setpriority (2))
and change the nice value for arbitrary processes;
-.IP \(bu
+.IP \[bu]
set real-time scheduling policies for calling process,
and set scheduling policies and priorities for arbitrary processes
.RB ( sched_setscheduler (2),
.BR sched_setparam (2),
.BR sched_setattr (2));
-.IP \(bu
+.IP \[bu]
set CPU affinity for arbitrary processes
.RB ( sched_setaffinity (2));
-.IP \(bu
+.IP \[bu]
set I/O scheduling class and priority for arbitrary processes
.RB ( ioprio_set (2));
-.IP \(bu
+.IP \[bu]
apply
.BR migrate_pages (2)
to arbitrary processes and allow processes
@@ -618,11 +618,11 @@ to be migrated to arbitrary nodes;
.\" capable(CAP_SYS_NICE) ? MPOL_MF_MOVE_ALL : MPOL_MF_MOVE);
.\"
.\" Document this.
-.IP \(bu
+.IP \[bu]
apply
.BR move_pages (2)
to arbitrary processes;
-.IP \(bu
+.IP \[bu]
use the
.B MPOL_MF_MOVE_ALL
flag with
@@ -639,19 +639,19 @@ Use
.B CAP_SYS_PTRACE
.PD 0
.RS
-.IP \(bu 3
+.IP \[bu] 3
Trace arbitrary processes using
.BR ptrace (2);
-.IP \(bu
+.IP \[bu]
apply
.BR get_robust_list (2)
to arbitrary processes;
-.IP \(bu
+.IP \[bu]
transfer data to or from the memory of arbitrary processes using
.BR process_vm_readv (2)
and
.BR process_vm_writev (2);
-.IP \(bu
+.IP \[bu]
inspect processes using
.BR kcmp (2).
.RE
@@ -660,45 +660,45 @@ inspect processes using
.B CAP_SYS_RAWIO
.PD 0
.RS
-.IP \(bu 3
+.IP \[bu] 3
Perform I/O port operations
.RB ( iopl (2)
and
.BR ioperm (2));
-.IP \(bu
+.IP \[bu]
access
.IR /proc/kcore ;
-.IP \(bu
+.IP \[bu]
employ the
.B FIBMAP
.BR ioctl (2)
operation;
-.IP \(bu
+.IP \[bu]
open devices for accessing x86 model-specific registers (MSRs, see
.BR msr (4));
-.IP \(bu
+.IP \[bu]
update
.IR /proc/sys/vm/mmap_min_addr ;
-.IP \(bu
+.IP \[bu]
create memory mappings at addresses below the value specified by
.IR /proc/sys/vm/mmap_min_addr ;
-.IP \(bu
+.IP \[bu]
map files in
.IR /proc/bus/pci ;
-.IP \(bu
+.IP \[bu]
open
.I /dev/mem
and
.IR /dev/kmem ;
-.IP \(bu
+.IP \[bu]
perform various SCSI device commands;
-.IP \(bu
+.IP \[bu]
perform certain operations on
.BR hpsa (4)
and
.BR cciss (4)
devices;
-.IP \(bu
+.IP \[bu]
perform a range of device-specific operations on other devices.
.RE
.PD
@@ -706,28 +706,28 @@ perform a range of device-specific operations on other devices.
.B CAP_SYS_RESOURCE
.PD 0
.RS
-.IP \(bu 3
+.IP \[bu] 3
Use reserved space on ext2 filesystems;
-.IP \(bu
+.IP \[bu]
make
.BR ioctl (2)
calls controlling ext3 journaling;
-.IP \(bu
+.IP \[bu]
override disk quota limits;
-.IP \(bu
+.IP \[bu]
increase resource limits (see
.BR setrlimit (2));
-.IP \(bu
+.IP \[bu]
override
.B RLIMIT_NPROC
resource limit;
-.IP \(bu
+.IP \[bu]
override maximum number of consoles on console allocation;
-.IP \(bu
+.IP \[bu]
override maximum number of keymaps;
-.IP \(bu
+.IP \[bu]
allow more than 64hz interrupts from the real-time clock;
-.IP \(bu
+.IP \[bu]
raise
.I msg_qbytes
limit for a System V message queue above the limit in
@@ -736,26 +736,26 @@ limit for a System V message queue above the limit in
.BR msgop (2)
and
.BR msgctl (2));
-.IP \(bu
+.IP \[bu]
allow the
.B RLIMIT_NOFILE
resource limit on the number of "in-flight" file descriptors
to be bypassed when passing file descriptors to another process
via a UNIX domain socket (see
.BR unix (7));
-.IP \(bu
+.IP \[bu]
override the
.I /proc/sys/fs/pipe\-size\-max
limit when setting the capacity of a pipe using the
.B F_SETPIPE_SZ
.BR fcntl (2)
command;
-.IP \(bu
+.IP \[bu]
use
.B F_SETPIPE_SZ
to increase the capacity of a pipe above the limit specified by
.IR /proc/sys/fs/pipe\-max\-size ;
-.IP \(bu
+.IP \[bu]
override
.IR /proc/sys/fs/mqueue/queues_max ,
.IR /proc/sys/fs/mqueue/msg_max ,
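Review bot: Two context lines in this hunk name what is evidently the same limit with different spellings: `/proc/sys/fs/pipe\-size\-max` in the `F_SETPIPE_SZ` `fcntl(2)` bullet and `/proc/sys/fs/pipe\-max\-size` in the bullet right after it. The file is `/proc/sys/fs/pipe-max-size`, so the first spelling is a typo, and the two bullets also read as if they describe the same override. Not caused by this change; suggest a follow-up patch that fixes the path and either merges the two bullets or makes the difference between them explicit.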
@@ -763,12 +763,12 @@ and
.I /proc/sys/fs/mqueue/msgsize_max
limits when creating POSIX message queues (see
.BR mq_overview (7));
-.IP \(bu
+.IP \[bu]
employ the
.BR prctl (2)
.B PR_SET_MM
operation;
-.IP \(bu
+.IP \[bu]
set
.IR /proc/ pid /oom_score_adj
to a value lower than the value last set by a process with
@@ -793,14 +793,14 @@ operations on virtual terminals.
.BR CAP_SYSLOG " (since Linux 2.6.37)"
.RS
.PD 0
-.IP \(bu 3
+.IP \[bu] 3
Perform privileged
.BR syslog (2)
operations.
See
.BR syslog (2)
for information on which operations require privilege.
-.IP \(bu
+.IP \[bu]
View kernel addresses exposed via
.I /proc
and other interfaces when
@@ -822,14 +822,14 @@ timers).
.\"
.SS Past and current implementation
A full implementation of capabilities requires that:
-.IP \(bu 3
+.IP \[bu] 3
For all privileged operations,
the kernel must check whether the thread has the required
capability in its effective set.
-.IP \(bu
+.IP \[bu]
The kernel must provide system calls allowing a thread's capability sets to
be changed and retrieved.
-.IP \(bu
+.IP \[bu]
The filesystem must support attaching capabilities to an executable file,
so that a process gains those capabilities when the file is executed.
.PP
@@ -839,12 +839,12 @@ since Linux 2.6.24, all three requirements are met.
.SS Notes to kernel developers
When adding a new kernel feature that should be governed by a capability,
consider the following points.
-.IP \(bu 3
+.IP \[bu] 3
The goal of capabilities is divide the power of superuser into pieces,
such that if a program that has one or more capabilities is compromised,
its power to do damage to the system would be less than the same program
running with root privilege.
-.IP \(bu
+.IP \[bu]
You have the choice of either creating a new capability for your new feature,
or associating the feature with one of the existing capabilities.
In order to keep the set of capabilities to a manageable size,
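Review bot: The first bullet's context line reads `The goal of capabilities is divide the power of superuser into pieces,`, which is missing `to` before `divide`. It is outside the scope of a mechanical escape substitution, but worth a one-line follow-up patch.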
@@ -852,7 +852,7 @@ the latter option is preferable,
unless there are compelling reasons to take the former option.
(There is also a technical limit:
the size of capability sets is currently limited to 64 bits.)
-.IP \(bu
+.IP \[bu]
To determine which existing capability might best be associated
with your new feature, review the list of capabilities above in order
to find a "silo" into which your new feature best fits.
@@ -860,7 +860,7 @@ One approach to take is to determine if there are other features
requiring capabilities that will always be used along with the new feature.
If the new feature is useless without these other features,
you should use the same capability as the other features.
-.IP \(bu
+.IP \[bu]
.I Don't
choose
.B CAP_SYS_ADMIN
@@ -878,7 +878,7 @@ The only new features that should be associated with
are ones that
.I closely
match existing uses in that silo.
-.IP \(bu
+.IP \[bu]
If you have determined that it really is necessary to create
a new capability for your feature,
don't make or name it as a "single-use" capability.
@@ -1102,11 +1102,11 @@ extended attribute is automatically created as (or converted to)
a version 3
.RB ( VFS_CAP_REVISION_3 )
attribute if both of the following are true:
-.IP \(bu 3
+.IP \[bu] 3
The thread writing the attribute resides in a noninitial user namespace.
(More precisely: the thread resides in a user namespace other
than the one from which the underlying filesystem was mounted.)
-.IP \(bu
+.IP \[bu]
The thread has the
.B CAP_SETFCAP
capability over the file inode,
@@ -1209,13 +1209,13 @@ denotes a file capability set
.PP
Note the following details relating to the above capability
transformation rules:
-.IP \(bu 3
+.IP \[bu] 3
The ambient capability set is present only since Linux 4.3.
When determining the transformation of the ambient set during
.BR execve (2),
a privileged file is one that has capabilities or
has the set-user-ID or set-group-ID bit set.
-.IP \(bu
+.IP \[bu]
Prior to Linux 2.6.25,
the bounding set was a system-wide attribute shared by all threads.
That system-wide value was employed to calculate the new permitted set during
@@ -1370,7 +1370,7 @@ The capability bounding set is a security mechanism that can be used
to limit the capabilities that can be gained during an
.BR execve (2).
The bounding set is used in the following ways:
-.IP \(bu 3
+.IP \[bu] 3
During an
.BR execve (2),
the capability bounding set is ANDed with the file permitted
@@ -1378,7 +1378,7 @@ capability set, and the result of this operation is assigned to the
thread's permitted capability set.
The capability bounding set thus places a limit on the permitted
capabilities that may be granted by an executable file.
-.IP \(bu
+.IP \[bu]
(Since Linux 2.6.25)
The capability bounding set acts as a limiting superset for
the capabilities that a thread can add to its inheritable set using
@@ -1491,19 +1491,19 @@ and filesystem user IDs (using
.BR setuid (2),
.BR setresuid (2),
or similar):
-.IP \(bu 3
+.IP \[bu] 3
If one or more of the real, effective, or saved set user IDs
was previously 0, and as a result of the UID changes all of these IDs
have a nonzero value,
then all capabilities are cleared from the permitted, effective, and ambient
capability sets.
-.IP \(bu
+.IP \[bu]
If the effective user ID is changed from 0 to nonzero,
then all capabilities are cleared from the effective set.
-.IP \(bu
+.IP \[bu]
If the effective user ID is changed from nonzero to 0,
then the permitted set is copied to the effective set.
-.IP \(bu
+.IP \[bu]
If the filesystem user ID is changed from 0 to nonzero (see
.BR setfsuid (2)),
then the following capabilities are cleared from the effective set:
@@ -1544,21 +1544,21 @@ both provided in the
package,
is preferred for this purpose.
The following rules govern changes to the thread capability sets:
-.IP \(bu 3
+.IP \[bu] 3
If the caller does not have the
.B CAP_SETPCAP
capability,
the new inheritable set must be a subset of the combination
of the existing inheritable and permitted sets.
-.IP \(bu
+.IP \[bu]
(Since Linux 2.6.25)
The new inheritable set must be a subset of the combination of the
existing inheritable set and the capability bounding set.
-.IP \(bu
+.IP \[bu]
The new permitted set must be a subset of the existing permitted set
(i.e., it is not possible to acquire permitted capabilities
that the thread does not currently have).
-.IP \(bu
+.IP \[bu]
The new effective set must be a subset of the new permitted set.
.SS The securebits flags: establishing a capabilities-only environment
.\" For some background:
@@ -1824,14 +1824,14 @@ However, this is only theoretically possible,
since no thread ever has
.B CAP_SETPCAP
in either of these cases:
-.IP \(bu 3
+.IP \[bu] 3
In the pre-2.6.25 implementation the system-wide capability bounding set,
.IR /proc/sys/kernel/cap\-bound ,
always masks out the
.B CAP_SETPCAP
capability, and this can not be changed
without modifying the kernel source and rebuilding the kernel.
-.IP \(bu
+.IP \[bu]
If file capabilities are disabled (i.e., the kernel
.B CONFIG_SECURITY_FILE_CAPABILITIES
option is disabled), then
diff --git a/man7/cgroup_namespaces.7 b/man7/cgroup_namespaces.7
index 1b154005b4..b1b0c41294 100644
--- a/man7/cgroup_namespaces.7
+++ b/man7/cgroup_namespaces.7
@@ -168,13 +168,13 @@ Use of cgroup namespaces requires a kernel that is configured with the
option.
.PP
The virtualization provided by cgroup namespaces serves a number of purposes:
-.IP \(bu 3
+.IP \[bu] 3
It prevents information leaks whereby cgroup directory paths outside of
a container would otherwise be visible to processes in the container.
Such leakages could, for example,
reveal information about the container framework
to containerized applications.
-.IP \(bu
+.IP \[bu]
It eases tasks such as container migration.
The virtualization provided by cgroup namespaces
allows containers to be isolated from knowledge of
@@ -184,17 +184,17 @@ Without such isolation, the full cgroup pathnames (displayed in
would need to be replicated on the target system when migrating a container;
those pathnames would also need to be unique,
so that they don't conflict with other pathnames on the target system.
-.IP \(bu
+.IP \[bu]
It allows better confinement of containerized processes,
because it is possible to mount the container's cgroup filesystems such that
the container processes can't gain access to ancestor cgroup directories.
Consider, for example, the following scenario:
.RS
-.IP \(bu 3
+.IP \[bu] 3
We have a cgroup directory,
.IR /cg/1 ,
that is owned by user ID 9000.
-.IP \(bu
+.IP \[bu]
We have a process,
.IR X ,
also owned by user ID 9000,
diff --git a/man7/cgroups.7 b/man7/cgroups.7
index cd68ff77d7..7670ab9a58 100644
--- a/man7/cgroups.7
+++ b/man7/cgroups.7
@@ -559,20 +559,20 @@ under both the v1 and the v2 hierarchies.
.PP
The new behaviors in cgroups v2 are summarized here,
and in some cases elaborated in the following subsections.
-.IP \(bu 3
+.IP \[bu] 3
Cgroups v2 provides a unified hierarchy against
which all controllers are mounted.
-.IP \(bu
+.IP \[bu]
"Internal" processes are not permitted.
With the exception of the root cgroup, processes may reside
only in leaf nodes (cgroups that do not themselves contain child cgroups).
The details are somewhat more subtle than this, and are described below.
-.IP \(bu
+.IP \[bu]
Active cgroups must be specified via the files
.I cgroup.controllers
and
.IR cgroup.subtree_control .
-.IP \(bu
+.IP \[bu]
The
.I tasks
file has been removed.
@@ -581,7 +581,7 @@ In addition, the
file that is employed by the
.I cpuset
controller has been removed.
-.IP \(bu
+.IP \[bu]
An improved mechanism for notification of empty cgroups is provided by the
.I cgroup.events
file.
@@ -920,14 +920,14 @@ The cgroups v2 release-notification mechanism
offers the following advantages over the cgroups v1
.I release_agent
mechanism:
-.IP \(bu 3
+.IP \[bu] 3
It allows for cheaper notification,
since a single process can monitor multiple
.I cgroup.events
files (using the techniques described earlier).
By contrast, the cgroups v1 mechanism requires the expense of creating
a process for each notification.
-.IP \(bu
+.IP \[bu]
Notification for different cgroup subhierarchies can be delegated
to different processes.
By contrast, the cgroups v1 mechanism allows only one release agent
@@ -1114,7 +1114,7 @@ The effect of this mount option is to cause cgroup namespaces
to automatically become delegation boundaries.
More specifically,
the following restrictions apply for processes inside the cgroup namespace:
-.IP \(bu 3
+.IP \[bu] 3
Writes to controller interface files in the root directory of the namespace
will fail with the error
.BR EPERM .
@@ -1124,7 +1124,7 @@ files in the root directory of the cgroup namespace such as
and
.IR cgroup.subtree_control ,
and can create subhierarchy underneath the root directory.
-.IP \(bu
+.IP \[bu]
Attempts to migrate processes across the namespace boundary are denied
(with the error
.BR ENOENT ).
@@ -1151,7 +1151,7 @@ Even if a cgroup namespace was employed,
because both hierarchies are owned by the unprivileged user
.IR cecilia ,
the following illegitimate actions could be performed:
-.IP \(bu 3
+.IP \[bu] 3
A process in the inferior hierarchy could change the
resource controller settings in the root directory of that hierarchy.
(These resource controller settings are intended to allow control to
@@ -1159,7 +1159,7 @@ be exercised from the
.I parent
cgroup;
a process inside the child cgroup should not be allowed to modify them.)
-.IP \(bu
+.IP \[bu]
A process inside the inferior hierarchy could move processes
into and out of the inferior hierarchy if the cgroups in the
superior hierarchy were somehow visible.
@@ -1208,11 +1208,11 @@ A nonprivileged process (i.e., the delegatee) can write the PID of
a "target" process into a
.I cgroup.procs
file only if all of the following are true:
-.IP \(bu 3
+.IP \[bu] 3
The writer has write permission on the
.I cgroup.procs
file in the destination cgroup.
-.IP \(bu
+.IP \[bu]
The writer has write permission on the
.I cgroup.procs
file in the nearest common ancestor of the source and destination cgroups.
@@ -1222,12 +1222,12 @@ This requirement is not enforced for cgroups v1 hierarchies,
with the consequence that containment in v1 is less strict than in v2.
(For example, in cgroups v1 the user that owns two distinct
delegated subhierarchies can move a process between the hierarchies.)
-.IP \(bu
+.IP \[bu]
If the cgroup v2 filesystem was mounted with the
.I nsdelegate
option, the writer must be able to see the source and destination cgroups
from its cgroup namespace.
-.IP \(bu
+.IP \[bu]
In cgroups v1:
the effective UID of the writer (i.e., the delegatee) matches the
real user ID or the saved set-user-ID of the target process.
@@ -1248,10 +1248,10 @@ instead, the delegater must place the first process
.SH CGROUPS VERSION 2 THREAD MODE
Among the restrictions imposed by cgroups v2 that were not present
in cgroups v1 are the following:
-.IP \(bu 3
+.IP \[bu] 3
.IR "No thread-granularity control" :
all of the threads of a process must be in the same cgroup.
-.IP \(bu
+.IP \[bu]
.IR "No internal processes" :
a cgroup can't both have member processes and
exercise controllers on child cgroups.
@@ -1278,17 +1278,17 @@ To accommodate such use cases, Linux 4.14 added
for cgroups v2.
.PP
Thread mode allows the following:
-.IP \(bu 3
+.IP \[bu] 3
The creation of
.I threaded subtrees
in which the threads of a process may
be spread across cgroups inside the tree.
(A threaded subtree may contain multiple multithreaded processes.)
-.IP \(bu
+.IP \[bu]
The concept of
.IR "threaded controllers" ,
which can distribute resources across the cgroups in a threaded subtree.
-.IP \(bu
+.IP \[bu]
A relaxation of the "no internal processes rule",
so that, within a threaded subtree,
a cgroup can both contain member threads and
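Review bot: In the third bullet's context line, `A relaxation of the "no internal processes rule",` has the closing quote after "rule", while the restriction is named as `.IR "No internal processes"` earlier in the same file. Not something for this mechanical patch, but moving the quote to read "no internal processes" rule in a follow-up would make the two references match.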
@@ -1343,7 +1343,7 @@ possible future extensions to the thread mode model
.SS Threaded versus domain controllers
With the addition of threads mode,
cgroups v2 now distinguishes two types of resource controllers:
-.IP \(bu 3
+.IP \[bu] 3
.I Threaded
.\" In the kernel source, look for ".threaded[ \t]*= true" in
.\" initializations of struct cgroup_subsys
@@ -1356,7 +1356,7 @@ As at Linux 4.19, the following controllers are threaded:
.IR perf_event ,
and
.IR pids .
-.IP \(bu
+.IP \[bu]
.I Domain
controllers: these controllers support only process granularity
for resource control.
@@ -1378,19 +1378,19 @@ that currently has the type
.IR domain .
This has the following effects:
.RS
-.IP \(bu 3
+.IP \[bu] 3
The type of the cgroup
.I y/z
becomes
.IR threaded .
-.IP \(bu
+.IP \[bu]
The type of the parent cgroup,
.IR y ,
becomes
.IR "domain threaded" .
The parent cgroup is the root of a threaded subtree
(also known as the "threaded root").
-.IP \(bu
+.IP \[bu]
All other cgroups under
.I y
that were not already of type
@@ -1434,12 +1434,12 @@ we (1.1) enable one or more threaded controllers and
(These two steps can be done in either order.)
This has the following consequences:
.RS
-.IP \(bu 3
+.IP \[bu] 3
The type of
.I z
becomes
.IR "domain threaded" .
-.IP \(bu
+.IP \[bu]
All of the descendant cgroups of
.I x
that were not already of type
@@ -1498,17 +1498,17 @@ As with writing to
some containment rules apply when writing to the
.I cgroup.threads
file:
-.IP \(bu 3
+.IP \[bu] 3
The writer must have write permission on the
cgroup.threads
file in the destination cgroup.
-.IP \(bu
+.IP \[bu]
The writer must have write permission on the
.I cgroup.procs
file in the common ancestor of the source and destination cgroups.
(In some cases,
the common ancestor may be the source or destination cgroup itself.)
-.IP \(bu
+.IP \[bu]
The source and destination cgroups must be in the same threaded subtree.
(Outside a threaded subtree, an attempt to move a thread by writing
its thread ID to the
@@ -1551,7 +1551,7 @@ and exercise controllers on child cgroups.
A number of rules apply when writing to the
.I cgroup.type
file:
-.IP \(bu 3
+.IP \[bu] 3
Only the string
.I """threaded"""
may be written.
@@ -1559,30 +1559,30 @@ In other words, the only explicit transition that is possible is to convert a
.I domain
cgroup to type
.IR threaded .
-.IP \(bu
+.IP \[bu]
The effect of writing
.I """threaded"""
depends on the current value in
.IR cgroup.type ,
as follows:
.RS
-.IP \(bu 3
+.IP \[bu] 3
.I domain
or
.IR "domain threaded" :
start the creation of a threaded subtree
(whose root is the parent of this cgroup) via
the first of the pathways described above;
-.IP \(bu
+.IP \[bu]
.IR "domain\ invalid" :
convert this cgroup (which is inside a threaded subtree) to a usable (i.e.,
.IR threaded )
state;
-.IP \(bu
+.IP \[bu]
.IR threaded :
no effect (a "no-op").
.RE
-.IP \(bu
+.IP \[bu]
We can't write to a
.I cgroup.type
file if the parent's type is
@@ -1594,13 +1594,13 @@ state in a top-down manner.
There are also some constraints that must be satisfied
in order to create a threaded subtree rooted at the cgroup
.IR x :
-.IP \(bu 3
+.IP \[bu] 3
There can be no member processes in the descendant cgroups of
.IR x .
(The cgroup
.I x
can itself have member processes.)
-.IP \(bu
+.IP \[bu]
No domain controllers may be enabled in
.IR x 's
.I cgroup.subtree_control
@@ -1618,11 +1618,11 @@ According to the pathways described above,
the type of a cgroup can change to
.I domain threaded
in either of the following cases:
-.IP \(bu 3
+.IP \[bu] 3
The string
.I """threaded"""
is written to a child cgroup.
-.IP \(bu
+.IP \[bu]
A threaded controller is enabled inside the cgroup and
a process is made a member of the cgroup.
.PP
@@ -1647,14 +1647,14 @@ cgroup
.I x
reverts to the type
.IR domain :
-.IP \(bu 3
+.IP \[bu] 3
All
.I domain invalid
descendants of
.I x
that are not in lower-level threaded subtrees revert to the type
.IR domain .
-.IP \(bu
+.IP \[bu]
The root cgroups in any lower-level threaded subtrees revert to the type
.IR "domain threaded" .
.\"
@@ -1670,10 +1670,10 @@ If the string
is written to the
.I cgroup.type
file of one of the children of the root cgroup, then
-.IP \(bu 3
+.IP \[bu] 3
The type of that cgroup becomes
.IR threaded .
-.IP \(bu
+.IP \[bu]
The type of any descendants of that cgroup that
are not part of lower-level threaded subtrees changes to
.IR "domain invalid" .
@@ -1780,11 +1780,11 @@ If multiple cgroups v1 controllers are bound to the same hierarchy,
then each will show the same hierarchy ID in this field.
The value in this field will be 0 if:
.RS
-.IP \(bu 3
+.IP \[bu] 3
the controller is not mounted on a cgroups v1 hierarchy;
-.IP \(bu
+.IP \[bu]
the controller is bound to the cgroups v2 single unified hierarchy; or
-.IP \(bu
+.IP \[bu]
the controller is disabled (see below).
.RE
.IP [3]
diff --git a/man7/cpuset.7 b/man7/cpuset.7
index 57a21f62ce..dffb3563e6 100644
--- a/man7/cpuset.7
+++ b/man7/cpuset.7
@@ -519,17 +519,17 @@ always return zero, as represented by the ASCII string "0\en".
See the \fBWARNINGS\fR section, below.
.PP
A per-cpuset, running average is employed for the following reasons:
-.IP \(bu 3
+.IP \[bu] 3
Because this meter is per-cpuset rather than per-process or per virtual
memory region, the system load imposed by a batch scheduler monitoring
this metric is sharply reduced on large systems, because a scan of
the tasklist can be avoided on each set of queries.
-.IP \(bu
+.IP \[bu]
Because this meter is a running average rather than an accumulating
counter, a batch scheduler can detect memory pressure with a
single read, instead of having to read and accumulate results
for a period of time.
-.IP \(bu
+.IP \[bu]
Because this meter is per-cpuset rather than per-process,
the batch scheduler can obtain the key information\[em]memory
pressure in a cpuset\[em]with a single read, rather than having to
@@ -629,11 +629,11 @@ Cpuset-specified memory spreading behaves similarly to what is known
.PP
Cpuset-specified memory spreading can provide substantial performance
improvements for jobs that:
-.IP \(bu 3
+.IP \[bu] 3
need to place thread-local data on
memory nodes close to the CPUs which are running the threads that most
frequently access that data; but also
-.IP \(bu
+.IP \[bu]
need to access large filesystem data sets that must to be spread
across the several nodes in the job's cpuset in order to fit.
.PP
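Review bot: The second bullet's context line says "need to access large filesystem data sets that must to be spread", where "must to be" should be "must be". It is unrelated to the `\[bu]` substitution, so it belongs in a follow-up wording fix rather than in this commit.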
@@ -705,11 +705,11 @@ marked isolated using the kernel boot time "isolcpus=" argument.
.PP
This default load balancing across all CPUs is not well suited to
the following two situations:
-.IP \(bu 3
+.IP \[bu] 3
On large systems, load balancing across many CPUs is expensive.
If the system is managed using cpusets to place independent jobs
on separate sets of CPUs, full load balancing is unnecessary.
-.IP \(bu
+.IP \[bu]
Systems supporting real-time on some CPUs need to minimize
system overhead on those CPUs, including avoiding process load
balancing if that is not needed.
@@ -911,22 +911,22 @@ Examples of the \fBList Format\fR:
.\" ================== RULES ==================
.SH RULES
The following rules apply to each cpuset:
-.IP \(bu 3
+.IP \[bu] 3
Its CPUs and memory nodes must be a (possibly equal)
subset of its parent's.
-.IP \(bu
+.IP \[bu]
It can be marked
.I cpu_exclusive
only if its parent is.
-.IP \(bu
+.IP \[bu]
It can be marked
.I mem_exclusive
only if its parent is.
-.IP \(bu
+.IP \[bu]
If it is
.IR cpu_exclusive ,
its CPUs may not overlap any sibling.
-.IP \(bu
+.IP \[bu]
If it is
.IR mem_exclusive ,
its memory nodes may not overlap any sibling.
diff --git a/man7/credentials.7 b/man7/credentials.7
index 535248f96b..02f8f8aa31 100644
--- a/man7/credentials.7
+++ b/man7/credentials.7
@@ -154,13 +154,13 @@ and
.IR <sys/types.h> ).
.PP
On Linux, each process has the following user and group identifiers:
-.IP \(bu 3
+.IP \[bu] 3
Real user ID and real group ID.
These IDs determine who owns the process.
A process can obtain its real user (group) ID using
.BR getuid (2)
.RB ( getgid (2)).
-.IP \(bu
+.IP \[bu]
Effective user ID and effective group ID.
These IDs are used by the kernel to determine the permissions
that the process will have when accessing shared resources such
@@ -172,7 +172,7 @@ for this task.
A process can obtain its effective user (group) ID using
.BR geteuid (2)
.RB ( getegid (2)).
-.IP \(bu
+.IP \[bu]
Saved set-user-ID and saved set-group-ID.
These IDs are used in set-user-ID and set-group-ID programs to save
a copy of the corresponding effective IDs that were set when
@@ -194,7 +194,7 @@ or
A process can obtain its saved set-user-ID (set-group-ID) using
.BR getresuid (2)
.RB ( getresgid (2)).
-.IP \(bu
+.IP \[bu]
Filesystem user ID and filesystem group ID (Linux-specific).
These IDs, in conjunction with the supplementary group IDs described
below, are used to determine permissions for accessing files; see
@@ -211,7 +211,7 @@ by calling
.BR setfsuid (2)
and
.BR setfsgid (2).
-.IP \(bu
+.IP \[bu]
Supplementary group IDs.
This is a set of additional group IDs that are used for permission
checks when accessing files and other shared resources.
@@ -241,10 +241,10 @@ the effective and saved set IDs may be changed, as described in
.PP
Aside from the purposes noted above,
a process's user IDs are also employed in a number of other contexts:
-.IP \(bu 3
+.IP \[bu] 3
when determining the permissions for sending signals (see
.BR kill (2));
-.IP \(bu
+.IP \[bu]
when determining the permissions for setting
process-scheduling parameters (nice value, real time
scheduling policy and priority, CPU affinity, I/O priority) using
@@ -255,10 +255,10 @@ scheduling policy and priority, CPU affinity, I/O priority) using
.BR sched_setattr (2),
and
.BR ioprio_set (2);
-.IP \(bu
+.IP \[bu]
when checking resource limits (see
.BR getrlimit (2));
-.IP \(bu
+.IP \[bu]
when checking the limit on the number of inotify instances
that the process may create (see
.BR inotify (7)).
diff --git a/man7/environ.7 b/man7/environ.7
index be71add29a..3d4f707d67 100644
--- a/man7/environ.7
+++ b/man7/environ.7
@@ -198,7 +198,7 @@ command shall be valid.
Note that the behavior of many programs and library routines is
influenced by the presence or value of certain environment variables.
Examples include the following:
-.IP \(bu 3
+.IP \[bu] 3
The variables
.BR LANG ", " LANGUAGE ", " NLSPATH ", " LOCPATH ,
.BR LC_ALL ", " LC_MESSAGES ,
@@ -207,37 +207,37 @@ and so on influence locale handling; see
.BR gettext (3),
and
.BR locale (7).
-.IP \(bu
+.IP \[bu]
.B TMPDIR
influences the path prefix of names created by
.BR tempnam (3)
and other routines, and the temporary directory used by
.BR sort (1)
and other programs.
-.IP \(bu
+.IP \[bu]
.BR LD_LIBRARY_PATH ", " LD_PRELOAD ,
and other
.B LD_*
variables influence the behavior of the dynamic loader/linker.
See also
.BR ld.so (8).
-.IP \(bu
+.IP \[bu]
.B POSIXLY_CORRECT
makes certain programs and library routines follow
the prescriptions of POSIX.
-.IP \(bu
+.IP \[bu]
The behavior of
.BR malloc (3)
is influenced by
.B MALLOC_*
variables.
-.IP \(bu
+.IP \[bu]
The variable
.B HOSTALIASES
gives the name of a file containing aliases
to be used with
.BR gethostbyname (3).
-.IP \(bu
+.IP \[bu]
.BR TZ " and " TZDIR
give timezone information used by
.BR tzset (3)
@@ -248,14 +248,14 @@ and through that by functions like
.BR strftime (3).
See also
.BR tzselect (8).
-.IP \(bu
+.IP \[bu]
.B TERMCAP
gives information on how to address a given terminal
(or gives the name of a file containing such information).
-.IP \(bu
+.IP \[bu]
.BR COLUMNS " and " LINES
tell applications about the window size, possibly overriding the actual size.
-.IP \(bu
+.IP \[bu]
.BR PRINTER " or " LPDEST
may specify the desired printer to use.
See
diff --git a/man7/epoll.7 b/man7/epoll.7
index bc5fa9b27e..ffb409a51e 100644
--- a/man7/epoll.7
+++ b/man7/epoll.7
@@ -29,14 +29,14 @@ API is the
.IR instance ,
an in-kernel data structure which, from a user-space perspective,
can be considered as a container for two lists:
-.IP \(bu 3
+.IP \[bu] 3
The
.I interest
list (sometimes also called the
.B epoll
set): the set of file descriptors that the process has registered
an interest in monitoring.
-.IP \(bu
+.IP \[bu]
The
.I ready
list: the set of file descriptors that are "ready" for I/O.
@@ -50,7 +50,7 @@ The following system calls are provided to
create and manage an
.B epoll
instance:
-.IP \(bu 3
+.IP \[bu] 3
.BR epoll_create (2)
creates a new
.B epoll
@@ -59,13 +59,13 @@ instance and returns a file descriptor referring to that instance.
.BR epoll_create1 (2)
extends the functionality of
.BR epoll_create (2).)
-.IP \(bu
+.IP \[bu]
Interest in particular file descriptors is then registered via
.BR epoll_ctl (2),
which adds items to the interest list of the
.B epoll
instance.
-.IP \(bu
+.IP \[bu]
.BR epoll_wait (2)
waits for I/O events,
blocking the calling thread if no events are currently available.
@@ -355,7 +355,7 @@ calling
with
.BR EPOLL_CTL_MOD .
.SS Questions and answers
-.IP \(bu 3
+.IP \[bu] 3
What is the key used to distinguish the file descriptors registered in an
interest list?
.IP
@@ -363,7 +363,7 @@ The key is the combination of the file descriptor number and
the open file description
(also known as an "open file handle",
the kernel's internal representation of an open file).
-.IP \(bu
+.IP \[bu]
What happens if you register the same file descriptor on an
.B epoll
instance twice?
@@ -397,7 +397,7 @@ This can be a useful technique for filtering events,
if the duplicate file descriptors are registered with different
.I events
masks.
-.IP \(bu
+.IP \[bu]
Can two
.B epoll
instances wait for the same file descriptor?
@@ -407,7 +407,7 @@ file descriptors?
.IP
Yes, and events would be reported to both.
However, careful programming may be needed to do this correctly.
-.IP \(bu
+.IP \[bu]
Is the
.B epoll
file descriptor itself poll/epoll/selectable?
@@ -417,7 +417,7 @@ If an
.B epoll
file descriptor has events waiting, then it will
indicate as being readable.
-.IP \(bu
+.IP \[bu]
What happens if one attempts to put an
.B epoll
file descriptor into its own file descriptor set?
@@ -431,14 +431,14 @@ However, you can add an
file descriptor inside another
.B epoll
file descriptor set.
-.IP \(bu
+.IP \[bu]
Can I send an
.B epoll
file descriptor over a UNIX domain socket to another process?
.IP
Yes, but it does not make sense to do this, since the receiving process
would not have copies of the file descriptors in the interest list.
-.IP \(bu
+.IP \[bu]
Will closing a file descriptor cause it to be removed from all
.B epoll
interest lists?
@@ -477,13 +477,13 @@ behind the scenes by library functions that used
.BR dup (2)
or
.BR fork (2)).
-.IP \(bu
+.IP \[bu]
If more than one event occurs between
.BR epoll_wait (2)
calls, are they combined or reported separately?
.IP
They will be combined.
-.IP \(bu
+.IP \[bu]
Does an operation on a file descriptor affect the
already collected but not yet reported events?
.IP
@@ -491,7 +491,7 @@ You can do two operations on an existing file descriptor.
Remove would be meaningless for
this case.
Modify will reread available I/O.
-.IP \(bu
+.IP \[bu]
Do I need to continuously read/write a file descriptor
until
.B EAGAIN
@@ -530,7 +530,7 @@ The same is true when writing using
(Avoid this latter technique if you cannot guarantee that
the monitored file descriptor always refers to a stream-oriented file.)
.SS Possible pitfalls and ways to avoid them
-.IP \(bu 3
+.IP \[bu] 3
.B Starvation (edge-triggered)
.IP
If there is a large amount of I/O space,
@@ -546,7 +546,7 @@ remember which files need to be processed but still round robin amongst
all the ready files.
This also supports ignoring subsequent events you
receive for file descriptors that are already ready.
-.IP \(bu
+.IP \[bu]
.B If using an event cache...
.IP
If you use an event cache or store all the file descriptors returned from
diff --git a/man7/fanotify.7 b/man7/fanotify.7
index 43580d347c..6ebb98adac 100644
--- a/man7/fanotify.7
+++ b/man7/fanotify.7
@@ -968,7 +968,7 @@ events.
.PP
As of Linux 3.17,
the following bugs exist:
-.IP \(bu 3
+.IP \[bu] 3
On Linux, a filesystem object may be accessible through multiple paths,
for example, a part of a filesystem may be remounted using the
.I \-\-bind
@@ -977,7 +977,7 @@ option of
A listener that marked a mount will be notified only of events that were
triggered for a filesystem object using the same mount.
Any other event will pass unnoticed.
-.IP \(bu
+.IP \[bu]
.\" FIXME . A patch was proposed.
When an event is generated,
no check is made to see whether the user ID of the
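Review bot: The `.\" FIXME . A patch was proposed.` comment directly under the second converted bullet names no patch and records no outcome, and the list it belongs to is still introduced with "As of Linux 3.17, the following bugs exist". Because this item documents a missing user ID check, it is worth confirming in a follow-up whether the statement is still current, then either updating the version wording or resolving the FIXME.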
@@ -986,7 +986,7 @@ before passing a file descriptor for that file.
This poses a security risk, when the
.B CAP_SYS_ADMIN
capability is set for programs executed by unprivileged users.
-.IP \(bu
+.IP \[bu]
If a call to
.BR read (2)
processes multiple events from the fanotify queue and an error occurs,
diff --git a/man7/feature_test_macros.7 b/man7/feature_test_macros.7
index bb13e7913e..6c0d70cd00 100644
--- a/man7/feature_test_macros.7
+++ b/man7/feature_test_macros.7
@@ -129,7 +129,7 @@ in glibc 2.\fIx\fP,
> 0.
.PP
First, though, a summary of a few details for the impatient:
-.IP \(bu 3
+.IP \[bu] 3
The macros that you most likely need to use in modern source code are
.B _POSIX_C_SOURCE
(for definitions from various versions of POSIX.1),
@@ -139,13 +139,13 @@ The macros that you most likely need to use in modern source code are
(for GNU and/or Linux specific stuff), and
.B _DEFAULT_SOURCE
(to get definitions that would normally be provided by default).
-.IP \(bu
+.IP \[bu]
Certain macros are defined with default values.
Thus, although one or more macros may be indicated as being
required in the SYNOPSIS of a man page,
it may not be necessary to define them explicitly.
Full details of the defaults are given later in this man page.
-.IP \(bu
+.IP \[bu]
Defining
.B _XOPEN_SOURCE
with a value of 600 or greater produces the same effects as defining
@@ -167,7 +167,7 @@ it is implicit that the following has the same effect:
_XOPEN_SOURCE >= 600
.EE
.in
-.IP \(bu
+.IP \[bu]
Defining
.B _XOPEN_SOURCE
with a value of 700 or greater produces the same effects as defining
@@ -208,20 +208,20 @@ flag.
.B _POSIX_C_SOURCE
Defining this macro causes header files to expose definitions as follows:
.RS
-.IP \(bu 3
+.IP \[bu] 3
The value 1 exposes definitions conforming to POSIX.1-1990 and
ISO C (1990).
-.IP \(bu
+.IP \[bu]
The value 2 or greater additionally exposes
definitions for POSIX.2-1992.
-.IP \(bu
+.IP \[bu]
The value 199309L or greater additionally exposes
definitions for POSIX.1b (real-time extensions).
.\" 199506L functionality is available only since glibc 2.1
-.IP \(bu
+.IP \[bu]
The value 199506L or greater additionally exposes
definitions for POSIX.1c (threads).
-.IP \(bu
+.IP \[bu]
(Since glibc 2.3.3)
The value 200112L or greater additionally exposes definitions corresponding
to the POSIX.1-2001 base specification (excluding the XSI extension).
@@ -229,7 +229,7 @@ This value also causes C95 (since glibc 2.12) and
C99 (since glibc 2.10) features to be exposed
(in other words, the equivalent of defining
.BR _ISOC99_SOURCE ).
-.IP \(bu
+.IP \[bu]
(Since glibc 2.10)
The value 200809L or greater additionally exposes definitions corresponding
to the POSIX.1-2008 base specification (excluding the XSI extension).
@@ -247,17 +247,17 @@ feature test macro requirements in the man pages.
.B _XOPEN_SOURCE
Defining this macro causes header files to expose definitions as follows:
.RS
-.IP \(bu 3
+.IP \[bu] 3
Defining with any value exposes
definitions conforming to POSIX.1, POSIX.2, and XPG4.
-.IP \(bu
+.IP \[bu]
The value 500 or greater additionally exposes
definitions for SUSv2 (UNIX 98).
-.IP \(bu
+.IP \[bu]
(Since glibc 2.2) The value 600 or greater additionally exposes
definitions for SUSv3 (UNIX 03; i.e., the POSIX.1-2001 base specification
plus the XSI extension) and C99 definitions.
-.IP \(bu
+.IP \[bu]
(Since glibc 2.10) The value 700 or greater additionally exposes
definitions for SUSv4 (i.e., the POSIX.1-2008 base specification
plus the XSI extension).
@@ -276,10 +276,10 @@ nor
is explicitly defined, then
the following macros are implicitly defined:
.RS
-.IP \(bu 3
+.IP \[bu] 3
.B _POSIX_SOURCE
is defined with the value 1.
-.IP \(bu
+.IP \[bu]
.B _POSIX_C_SOURCE
is defined, according to the value of
.BR _XOPEN_SOURCE :
@@ -712,41 +712,41 @@ and either
is not defined or
.B _XOPEN_SOURCE
is defined with a value of 500 or more, then
-.IP \(bu 3
+.IP \[bu] 3
.B _POSIX_SOURCE
is defined with the value 1; and
-.IP \(bu
+.IP \[bu]
.B _POSIX_C_SOURCE
is defined with one of the following values:
.RS 3
-.IP \(bu 3
+.IP \[bu] 3
2,
if
.B _XOPEN_SOURCE
is defined with a value less than 500;
-.IP \(bu
+.IP \[bu]
199506L,
if
.B _XOPEN_SOURCE
is defined with a value greater than or equal to 500 and less than 600;
or
-.IP \(bu
+.IP \[bu]
(since glibc 2.4) 200112L,
if
.B _XOPEN_SOURCE
is defined with a value greater than or equal to 600 and less than 700.
-.IP \(bu
+.IP \[bu]
(Since glibc 2.10)
200809L,
if
.B _XOPEN_SOURCE
is defined with a value greater than or equal to 700.
-.IP \(bu
+.IP \[bu]
Older versions of glibc do not know about the values
200112L and 200809L for
.BR _POSIX_C_SOURCE ,
and the setting of this macro will depend on the glibc version.
-.IP \(bu
+.IP \[bu]
If
.B _XOPEN_SOURCE
is undefined, then the setting of
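Review bot: In the nested list under "is defined with one of the following values:", the trailing "or" sits on the 199506L item even though the 200112L and 200809L items follow it, and "(since glibc 2.4)" is lower-case where the next item has "(Since glibc 2.10)". The last two bullets ("Older versions of glibc do not know about the values" and "If _XOPEN_SOURCE is undefined") are notes rather than values, yet no .RE appears before them in this hunk, so they render as members of the value list. Every .IP line here is being rewritten anyway, so a follow-up that moves "or" to the 200112L item, unifies the capitalisation and separates the two notes from the value list would make the list read correctly.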
diff --git a/man7/inotify.7 b/man7/inotify.7
index 265b73f524..62112e0528 100644
--- a/man7/inotify.7
+++ b/man7/inotify.7
@@ -16,7 +16,7 @@ When a directory is monitored, inotify will return events
for the directory itself, and for files inside the directory.
.PP
The following system calls are used with this API:
-.IP \(bu 3
+.IP \[bu] 3
.BR inotify_init (2)
creates an inotify instance and returns a file descriptor
referring to the inotify instance.
@@ -27,7 +27,7 @@ is like
but has a
.I flags
argument that provides access to some extra functionality.
-.IP \(bu
+.IP \[bu]
.BR inotify_add_watch (2)
manipulates the "watch list" associated with an inotify instance.
Each item ("watch") in the watch list specifies the pathname of
@@ -40,16 +40,16 @@ Each watch has a unique "watch descriptor", an integer
returned by
.BR inotify_add_watch (2)
when the watch is created.
-.IP \(bu
+.IP \[bu]
When events occur for monitored files and directories,
those events are made available to the application as structured data that
can be read from the inotify file descriptor using
.BR read (2)
(see below).
-.IP \(bu
+.IP \[bu]
.BR inotify_rm_watch (2)
removes an item from an inotify watch list.
-.IP \(bu
+.IP \[bu]
When all file descriptors referring to an inotify
instance have been closed (using
.BR close (2)),
@@ -259,10 +259,10 @@ an event can be generated for activity on any link to the file
(in the same or a different directory).
.PP
When monitoring a directory:
-.IP \(bu 3
+.IP \[bu] 3
the events marked above with an asterisk (*) can occur both
for the directory itself and for objects inside the directory; and
-.IP \(bu
+.IP \[bu]
the events marked with a plus sign (+) occur only for objects
inside the directory (not for the directory itself).
.PP
diff --git a/man7/ip.7 b/man7/ip.7
index 2b689b22f8..7c71e09716 100644
--- a/man7/ip.7
+++ b/man7/ip.7
@@ -90,24 +90,24 @@ is the IP protocol in the IP header to be received or sent.
Valid values for
.I protocol
include:
-.IP \(bu 3
+.IP \[bu] 3
0 and
.B IPPROTO_TCP
for
.BR tcp (7)
stream sockets;
-.IP \(bu
+.IP \[bu]
0 and
.B IPPROTO_UDP
for
.BR udp (7)
datagram sockets;
-.IP \(bu
+.IP \[bu]
.B IPPROTO_SCTP
for
.BR sctp (7)
stream sockets; and
-.IP \(bu
+.IP \[bu]
.B IPPROTO_UDPLITE
for
.BR udplite (7)
@@ -1148,16 +1148,16 @@ is, the range used for
.IR "ephemeral ports" .
An ephemeral port is allocated to a socket in the following circumstances:
.RS
-.IP \(bu 3
+.IP \[bu] 3
the port number in a socket address is specified as 0 when calling
.BR bind (2);
-.IP \(bu
+.IP \[bu]
.BR listen (2)
is called on a stream socket that was not previously bound;
-.IP \(bu
+.IP \[bu]
.BR connect (2)
was called on a socket that was not previously bound;
-.IP \(bu
+.IP \[bu]
.BR sendto (2)
is called on a datagram socket that was not previously bound.
.RE
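Review bot: In the ephemeral-port list the connect(2) item reads "was called on a socket that was not previously bound", while the bind(2), listen(2) and sendto(2) items are in the present tense ("is specified", "is called"). Suggest "is called" for connect(2) as well, and an "or" after the semicolon of the connect(2) item so the four alternatives read as one sentence.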
diff --git a/man7/ipc_namespaces.7 b/man7/ipc_namespaces.7
index b129e69b00..ec670697ba 100644
--- a/man7/ipc_namespaces.7
+++ b/man7/ipc_namespaces.7
@@ -28,10 +28,10 @@ but are not visible to processes in other IPC namespaces.
The following
.I /proc
interfaces are distinct in each IPC namespace:
-.IP \(bu 3
+.IP \[bu] 3
The POSIX message queue interfaces in
.IR /proc/sys/fs/mqueue .
-.IP \(bu
+.IP \[bu]
The System V IPC interfaces in
.IR /proc/sys/kernel ,
namely:
@@ -44,7 +44,7 @@ namely:
.IR shmmni ,
and
.IR shm_rmid_forced .
-.IP \(bu
+.IP \[bu]
The System V IPC interfaces in
.IR /proc/sysvipc .
.PP
diff --git a/man7/kernel_lockdown.7 b/man7/kernel_lockdown.7
index 7976a29c14..8bcd603b96 100644
--- a/man7/kernel_lockdown.7
+++ b/man7/kernel_lockdown.7
@@ -50,44 +50,44 @@ kprobes
.PP
and the ability to directly configure and control devices, so as to prevent
the use of a device to access or modify a kernel image:
-.IP \(bu 3
+.IP \[bu] 3
The use of module parameters that directly specify hardware parameters to
drivers through the kernel command line or when loading a module.
-.IP \(bu
+.IP \[bu]
The use of direct PCI BAR access.
-.IP \(bu
+.IP \[bu]
The use of the ioperm and iopl instructions on x86.
-.IP \(bu
+.IP \[bu]
The use of the KD*IO console ioctls.
-.IP \(bu
+.IP \[bu]
The use of the TIOCSSERIAL serial ioctl.
-.IP \(bu
+.IP \[bu]
The alteration of MSR registers on x86.
-.IP \(bu
+.IP \[bu]
The replacement of the PCMCIA CIS.
-.IP \(bu
+.IP \[bu]
The overriding of ACPI tables.
-.IP \(bu
+.IP \[bu]
The use of ACPI error injection.
-.IP \(bu
+.IP \[bu]
The specification of the ACPI RDSP address.
-.IP \(bu
+.IP \[bu]
The use of ACPI custom methods.
.PP
Certain facilities are restricted:
-.IP \(bu 3
+.IP \[bu] 3
Only validly signed modules may be loaded (waived if the module file being
loaded is vouched for by IMA appraisal).
-.IP \(bu
+.IP \[bu]
Only validly signed binaries may be kexec'd (waived if the binary image file
to be executed is vouched for by IMA appraisal).
-.IP \(bu
+.IP \[bu]
Unencrypted hibernation/suspend to swap are disallowed as the kernel image is
saved to a medium that can then be accessed.
-.IP \(bu
+.IP \[bu]
Use of debugfs is not permitted as this allows a whole range of actions
including direct configuration of, access to and driving of hardware.
-.IP \(bu
+.IP \[bu]
IMA requires the addition of the "secure_boot" rules to the policy,
whether or not they are specified on the command line,
for both the built-in and custom policies in secure boot lockdown mode.
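Review bot: In the device-control list, "The specification of the ACPI RDSP address." transposes the acronym; the ACPI structure is the RSDP (Root System Description Pointer). The line is unchanged context in this hunk, so the fix belongs in a separate patch, but it sits directly under one of the rewritten .IP lines and is worth correcting so that readers searching for "RSDP" find this restriction.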
diff --git a/man7/keyrings.7 b/man7/keyrings.7
index 772abd4eda..4f5e1a55b3 100644
--- a/man7/keyrings.7
+++ b/man7/keyrings.7
@@ -353,13 +353,13 @@ thus making the user keyring and anything it contains possessed by default.
.\"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
.SS Access rights
Each key has the following security-related attributes:
-.IP \(bu 3
+.IP \[bu] 3
The owning user ID
-.IP \(bu
+.IP \[bu]
The ID of a group that is permitted to access the key
-.IP \(bu
+.IP \[bu]
A security label
-.IP \(bu
+.IP \[bu]
A permissions mask
.PP
The permissions mask contains four sets of rights.
diff --git a/man7/landlock.7 b/man7/landlock.7
index 2b9c2f957c..0818b4bf94 100644
--- a/man7/landlock.7
+++ b/man7/landlock.7
@@ -23,13 +23,13 @@ A Landlock security policy is a set of access rights
tied to a file hierarchy.
Such policy can be configured and enforced by processes for themselves
using three system calls:
-.IP \(bu 2
+.IP \[bu] 2
.BR landlock_create_ruleset (2)
creates a new ruleset;
-.IP \(bu
+.IP \[bu]
.BR landlock_add_rule (2)
adds a new rule to a ruleset;
-.IP \(bu
+.IP \[bu]
.BR landlock_restrict_self (2)
enforces a ruleset on the calling thread.
.PP
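Review bot: The first bullet of this list keeps an indent argument of 2 (".IP \[bu] 2"), while the lists rewritten in the neighbouring files of this patch, for example keyrings.7 and man-pages.7, open with ".IP \[bu] 3". If the difference is not intentional, this mechanical pass is a convenient place to normalise it; if it is intentional, a one-line comment above the list would keep a later cleanup from changing it.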
diff --git a/man7/man-pages.7 b/man7/man-pages.7
index 317da357bb..501ae74d97 100644
--- a/man7/man-pages.7
+++ b/man7/man-pages.7
@@ -483,11 +483,11 @@ be separated by blank lines.
However, blank lines (achieved using
.IR .PP )
may be added in the following cases:
-.IP \(bu 3
+.IP \[bu] 3
to separate long lists of function prototypes into related groups
(see for example
.BR list (3));
-.IP \(bu
+.IP \[bu]
in other cases that may improve readability.
.PP
In the SYNOPSIS, a long function prototype may need to be
@@ -543,19 +543,19 @@ This wording is consistent with the wording used in both POSIX.1 and FreeBSD.
.SS ATTRIBUTES
.\" See man-pages commit c466875ecd64ed3d3cd3e578406851b7dfb397bf
Note the following:
-.IP \(bu 3
+.IP \[bu] 3
Wrap the table in this section in a
.IR ".ad\ l" / .ad
pair to disable text filling and a
.IR .nh / .hy
pair to disable hyphenation.
-.IP \(bu
+.IP \[bu]
Ensure that the table occupies the full page width through the use of an
.I lbx
description for one of the columns
(usually the first column,
though in some cases the last column if it contains a lot of text).
-.IP \(bu
+.IP \[bu]
Make free use of
.IR T{ / T}
macro pairs to allow table cells to be broken over multiple lines
@@ -771,11 +771,11 @@ please write all new pages and patches according to these conventions.
.PP
Aside from the well-known spelling differences,
there are a few other subtleties to watch for:
-.IP \(bu 3
+.IP \[bu] 3
American English tends to use the forms "backward", "upward", "toward",
and so on
rather than the British forms "backwards", "upwards", "towards", and so on.
-.IP \(bu
+.IP \[bu]
Opinions are divided on "acknowledgement" vs "acknowledgment".
The latter is predominant, but not universal usage in American English.
POSIX and the BSD license use the former spelling.
@@ -1077,11 +1077,11 @@ This guideline applies also to code examples.
.PP
The use of real minus signs serves the following purposes:
.\" https://lore.kernel.org/linux-man/20210121061158.5ul7226fgbrmodbt@localhost.localdomain/
-.IP \(bu 3
+.IP \[bu] 3
To provide better renderings on various targets other than
ASCII terminals,
notably in PDF and on Unicode/UTF\-8-capable terminals.
-.IP \(bu
+.IP \[bu]
To generate glyphs that when copied from rendered pages will
produce real minus signs when pasted into a terminal.
.PP
@@ -1113,22 +1113,22 @@ to get a nicely rendered tilde when rendering to PDF.
Manual pages may include example programs demonstrating how to
use a system call or library function.
However, note the following:
-.IP \(bu 3
+.IP \[bu] 3
Example programs should be written in C.
-.IP \(bu
+.IP \[bu]
An example program is necessary and useful only if it demonstrates
something beyond what can easily be provided in a textual
description of the interface.
An example program that does nothing
other than call an interface usually serves little purpose.
-.IP \(bu
+.IP \[bu]
Example programs should ideally be short
(e.g., a good example can often be provided in less than 100 lines of code),
though in some cases longer programs may be necessary
to properly illustrate the use of an API.
-.IP \(bu
+.IP \[bu]
Expressive code is appreciated.
-.IP \(bu
+.IP \[bu]
Comments should included where helpful.
Complete sentences in free-standing comments should be
terminated by a period.
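Review bot: The item "Comments should included where helpful." under the fifth rewritten bullet of this hunk is missing a word; it should read "Comments should be included where helpful." The sentence is unchanged context, so fix it in a separate patch rather than folding it into this mechanical one.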
@@ -1136,18 +1136,18 @@ Periods should generally be omitted in "tag" comments
(i.e., comments that are placed on the same line of code);
such comments are in any case typically brief phrases
rather than complete sentences.
-.IP \(bu
+.IP \[bu]
Example programs should do error checking after system calls and
library function calls.
-.IP \(bu
+.IP \[bu]
Example programs should be complete, and compile without
warnings when compiled with \fIcc\ \-Wall\fP.
-.IP \(bu
+.IP \[bu]
Where possible and appropriate, example programs should allow
experimentation, by varying their behavior based on inputs
(ideally from command-line arguments, or alternatively, via
input read by the program).
-.IP \(bu
+.IP \[bu]
Example programs should be laid out according to Kernighan and
Ritchie style, with 4-space indents.
(Avoid the use of TAB characters in source code!)
@@ -1159,7 +1159,7 @@ something close to the preferred style:
indent \-npro \-kr \-i4 \-ts4 \-sob \-l72 \-ss \-nut \-psl prog.c
.EE
.in
-.IP \(bu
+.IP \[bu]
For consistency, all example programs should terminate using either of:
.IP
.in +4n
@@ -1178,7 +1178,7 @@ exit(1);
return n;
.EE
.in
-.IP \(bu
+.IP \[bu]
If there is extensive explanatory text before the
program source code, mark off the source code
with a subsection heading
@@ -1195,11 +1195,11 @@ Always do this if the explanatory text includes a shell session log.
.PP
If you include a shell session log demonstrating the use of a program
or other system feature:
-.IP \(bu 3
+.IP \[bu] 3
Place the session log above the source code listing.
-.IP \(bu
+.IP \[bu]
Indent the session log by four spaces.
-.IP \(bu
+.IP \[bu]
Boldface the user input text,
to distinguish it from output produced by the system.
.PP
diff --git a/man7/mount_namespaces.7 b/man7/mount_namespaces.7
index 47152ae2d3..cfd639c52c 100644
--- a/man7/mount_namespaces.7
+++ b/man7/mount_namespaces.7
@@ -38,12 +38,12 @@ with the
flag.
When a new mount namespace is created,
its mount list is initialized as follows:
-.IP \(bu 3
+.IP \[bu] 3
If the namespace is created using
.BR clone (2),
the mount list of the child's namespace is a copy
of the mount list in the parent process's mount namespace.
-.IP \(bu
+.IP \[bu]
If the namespace is created using
.BR unshare (2),
the mount list of the new namespace is a copy of
diff --git a/man7/mq_overview.7 b/man7/mq_overview.7
index c7d4c65378..0330c48289 100644
--- a/man7/mq_overview.7
+++ b/man7/mq_overview.7
@@ -169,13 +169,13 @@ The definition of
.B HARD_MSGMAX
has changed across kernel versions:
.RS
-.IP \(bu 3
+.IP \[bu] 3
Up to Linux 2.6.32:
.I 131072\~/\~sizeof(void\~*)
-.IP \(bu
+.IP \[bu]
Linux 2.6.33 to Linux 3.4:
.I (32768\~*\~sizeof(void\~*) / 4)
-.IP \(bu
+.IP \[bu]
Since Linux 3.5:
.\" commit 5b5c4d1a1440e94994c73dddbad7be0676cd8b9a
65,536
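Review bot: The two HARD_MSGMAX formulas under the rewritten bullets are typeset inconsistently. "131072\~/\~sizeof(void\~*)" has no enclosing parentheses and uses non-breaking spaces around the division, while "(32768\~*\~sizeof(void\~*) / 4)" is parenthesised and has ordinary spaces around "/ 4", so the second expression can be split across lines at that point. Suggest using "\~" around every operator and the same parenthesisation in both.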
@@ -223,12 +223,12 @@ The upper limit for
.I msgsize_max
has varied across kernel versions:
.RS
-.IP \(bu 3
+.IP \[bu] 3
Before Linux 2.6.28, the upper limit is
.BR INT_MAX .
-.IP \(bu
+.IP \[bu]
From Linux 2.6.28 to Linux 3.4, the limit is 1,048,576.
-.IP \(bu
+.IP \[bu]
Since Linux 3.5, the limit is 16,777,216
.RB ( HARD_MSGSIZEMAX ).
.RE
diff --git a/man7/namespaces.7 b/man7/namespaces.7
index e82bb4d154..97d9c1bce1 100644
--- a/man7/namespaces.7
+++ b/man7/namespaces.7
@@ -311,48 +311,48 @@ The value in this file defines a per-user limit on the number of
uts namespaces that may be created in the user namespace.
.PP
Note the following details about these files:
-.IP \(bu 3
+.IP \[bu] 3
The values in these files are modifiable by privileged processes.
-.IP \(bu
+.IP \[bu]
The values exposed by these files are the limits for the user namespace
in which the opening process resides.
-.IP \(bu
+.IP \[bu]
The limits are per-user.
Each user in the same user namespace
can create namespaces up to the defined limit.
-.IP \(bu
+.IP \[bu]
The limits apply to all users, including UID 0.
-.IP \(bu
+.IP \[bu]
These limits apply in addition to any other per-namespace
limits (such as those for PID and user namespaces) that may be enforced.
-.IP \(bu
+.IP \[bu]
Upon encountering these limits,
.BR clone (2)
and
.BR unshare (2)
fail with the error
.BR ENOSPC .
-.IP \(bu
+.IP \[bu]
For the initial user namespace,
the default value in each of these files is half the limit on the number
of threads that may be created
.RI ( /proc/sys/kernel/threads\-max ).
In all descendant user namespaces, the default value in each file is
.BR MAXINT .
-.IP \(bu
+.IP \[bu]
When a namespace is created, the object is also accounted
against ancestor namespaces.
More precisely:
.RS
-.IP \(bu 3
+.IP \[bu] 3
Each user namespace has a creator UID.
-.IP \(bu
+.IP \[bu]
When a namespace is created,
it is accounted against the creator UIDs in each of the
ancestor user namespaces,
and the kernel ensures that the corresponding namespace limit
for the creator UID in the ancestor namespace is not exceeded.
-.IP \(bu
+.IP \[bu]
The aforementioned point ensures that creating a new user namespace
cannot be used as a means to escape the limits in force
in the current user namespace.
@@ -365,32 +365,32 @@ the namespace terminates or leaves the namespace.
However, there are a number of other factors that may pin
a namespace into existence even though it has no member processes.
These factors include the following:
-.IP \(bu 3
+.IP \[bu] 3
An open file descriptor or a bind mount exists for the corresponding
.IR /proc/ pid /ns/*
file.
-.IP \(bu
+.IP \[bu]
The namespace is hierarchical (i.e., a PID or user namespace),
and has a child namespace.
-.IP \(bu
+.IP \[bu]
It is a user namespace that owns one or more nonuser namespaces.
-.IP \(bu
+.IP \[bu]
It is a PID namespace,
and there is a process that refers to the namespace via a
.IR /proc/ pid /ns/pid_for_children
symbolic link.
-.IP \(bu
+.IP \[bu]
It is a time namespace,
and there is a process that refers to the namespace via a
.IR /proc/ pid /ns/time_for_children
symbolic link.
-.IP \(bu
+.IP \[bu]
It is an IPC namespace, and a corresponding mount of an
.I mqueue
filesystem (see
.BR mq_overview (7))
refers to this namespace.
-.IP \(bu
+.IP \[bu]
It is a PID namespace, and a corresponding mount of a
.BR proc (5)
filesystem refers to this namespace.
diff --git a/man7/nptl.7 b/man7/nptl.7
index 784a550708..240684e637 100644
--- a/man7/nptl.7
+++ b/man7/nptl.7
@@ -26,10 +26,10 @@ which might interfere with the operation of the NPTL implementation,
various glibc library functions and system call wrapper functions
attempt to hide these signals from applications,
as follows:
-.IP \(bu 3
+.IP \[bu] 3
.B SIGRTMIN
is defined with the value 34 (rather than 32).
-.IP \(bu
+.IP \[bu]
The
.BR sigwaitinfo (2),
.BR sigtimedwait (2),
@@ -37,13 +37,13 @@ and
.BR sigwait (3)
interfaces silently ignore requests to wait for these two signals
if they are specified in the signal set argument of these calls.
-.IP \(bu
+.IP \[bu]
The
.BR sigprocmask (2)
and
.BR pthread_sigmask (3)
interfaces silently ignore attempts to block these two signals.
-.IP \(bu
+.IP \[bu]
The
.BR sigaction (2),
.BR pthread_kill (3),
@@ -52,7 +52,7 @@ and
interfaces fail with the error
.B EINVAL
(indicating an invalid signal number) if these signals are specified.
-.IP \(bu
+.IP \[bu]
.BR sigfillset (3)
does not include these two signals when it creates a full signal set.
.\"
diff --git a/man7/packet.7 b/man7/packet.7
index 4bfd55d9f8..8eb3f56a3d 100644
--- a/man7/packet.7
+++ b/man7/packet.7
@@ -297,7 +297,7 @@ The group is deleted when the last socket is closed.
Fanout supports multiple algorithms to spread traffic between sockets,
as follows:
.RS
-.IP \(bu 3
+.IP \[bu] 3
The default mode,
.BR PACKET_FANOUT_HASH ,
sends packets from the same flow to the same socket to maintain
@@ -305,21 +305,21 @@ per-flow ordering.
For each packet, it chooses a socket by taking the packet flow hash
modulo the number of sockets in the group, where a flow hash is a hash
over network-layer address and optional transport-layer port fields.
-.IP \(bu
+.IP \[bu]
The load-balance mode
.B PACKET_FANOUT_LB
implements a round-robin algorithm.
-.IP \(bu
+.IP \[bu]
.B PACKET_FANOUT_CPU
selects the socket based on the CPU that the packet arrived on.
-.IP \(bu
+.IP \[bu]
.B PACKET_FANOUT_ROLLOVER
processes all data on a single socket, moving to the next when one
becomes backlogged.
-.IP \(bu
+.IP \[bu]
.B PACKET_FANOUT_RND
selects the socket using a pseudo-random number generator.
-.IP \(bu
+.IP \[bu]
.B PACKET_FANOUT_QM
.\" commit 2d36097d26b5991d71a2cf4a20c1a158f0f1bfcd
(available since Linux 3.14)
diff --git a/man7/pthreads.7 b/man7/pthreads.7
index aa00c50bcd..e0aad99215 100644
--- a/man7/pthreads.7
+++ b/man7/pthreads.7
@@ -15,44 +15,44 @@ but each thread has its own stack (automatic variables).
.PP
POSIX.1 also requires that threads share a range of other attributes
(i.e., these attributes are process-wide rather than per-thread):
-.IP \(bu 3
+.IP \[bu] 3
process ID
-.IP \(bu
+.IP \[bu]
parent process ID
-.IP \(bu
+.IP \[bu]
process group ID and session ID
-.IP \(bu
+.IP \[bu]
controlling terminal
-.IP \(bu
+.IP \[bu]
user and group IDs
-.IP \(bu
+.IP \[bu]
open file descriptors
-.IP \(bu
+.IP \[bu]
record locks (see
.BR fcntl (2))
-.IP \(bu
+.IP \[bu]
signal dispositions
-.IP \(bu
+.IP \[bu]
file mode creation mask
.RB ( umask (2))
-.IP \(bu
+.IP \[bu]
current directory
.RB ( chdir (2))
and
root directory
.RB ( chroot (2))
-.IP \(bu
+.IP \[bu]
interval timers
.RB ( setitimer (2))
and POSIX timers
.RB ( timer_create (2))
-.IP \(bu
+.IP \[bu]
nice value
.RB ( setpriority (2))
-.IP \(bu
+.IP \[bu]
resource limits
.RB ( setrlimit (2))
-.IP \(bu
+.IP \[bu]
measurements of the consumption of CPU time
.RB ( times (2))
and resources
@@ -60,29 +60,29 @@ and resources
.PP
As well as the stack, POSIX.1 specifies that various other
attributes are distinct for each thread, including:
-.IP \(bu 3
+.IP \[bu] 3
thread ID (the
.I pthread_t
data type)
-.IP \(bu
+.IP \[bu]
signal mask
.RB ( pthread_sigmask (3))
-.IP \(bu
+.IP \[bu]
the
.I errno
variable
-.IP \(bu
+.IP \[bu]
alternate signal stack
.RB ( sigaltstack (2))
-.IP \(bu
+.IP \[bu]
real-time scheduling policy and priority
.RB ( sched (7))
.PP
The following Linux-specific features are also per-thread:
-.IP \(bu 3
+.IP \[bu] 3
capabilities (see
.BR capabilities (7))
-.IP \(bu
+.IP \[bu]
CPU affinity
.RB ( sched_setaffinity (2))
.SS Pthreads function return values
@@ -681,14 +681,14 @@ thread joining, and so on) are implemented using the Linux
system call.
.SS LinuxThreads
The notable features of this implementation are the following:
-.IP \(bu 3
+.IP \[bu] 3
In addition to the main (initial) thread,
and the threads that the program creates using
.BR pthread_create (3),
the implementation creates a "manager" thread.
This thread handles thread creation and termination.
(Problems can result if this thread is inadvertently killed.)
-.IP \(bu
+.IP \[bu]
Signals are used internally by the implementation.
On Linux 2.2 and later, the first three real-time signals are used
(see also
@@ -700,7 +700,7 @@ and
are used.
Applications must avoid the use of whichever set of signals is
employed by the implementation.
-.IP \(bu
+.IP \[bu]
Threads do not share process IDs.
(In effect, LinuxThreads threads are implemented as processes which share
more information than usual, but which do not share a common process ID.)
@@ -710,11 +710,11 @@ are visible as separate processes using
.PP
The LinuxThreads implementation deviates from the POSIX.1
specification in a number of ways, including the following:
-.IP \(bu 3
+.IP \[bu] 3
Calls to
.BR getpid (2)
return a different value in each thread.
-.IP \(bu
+.IP \[bu]
Calls to
.BR getppid (2)
in threads other than the main thread return the process ID of the
@@ -723,7 +723,7 @@ manager thread; instead
in these threads should return the same value as
.BR getppid (2)
in the main thread.
-.IP \(bu
+.IP \[bu]
When one thread creates a new child process using
.BR fork (2),
any thread should be able to
@@ -733,39 +733,39 @@ However, the implementation allows only the thread that
created the child to
.BR wait (2)
on it.
-.IP \(bu
+.IP \[bu]
When a thread calls
.BR execve (2),
all other threads are terminated (as required by POSIX.1).
However, the resulting process has the same PID as the thread that called
.BR execve (2):
it should have the same PID as the main thread.
-.IP \(bu
+.IP \[bu]
Threads do not share user and group IDs.
This can cause complications with set-user-ID programs and
can cause failures in Pthreads functions if an application
changes its credentials using
.BR seteuid (2)
or similar.
-.IP \(bu
+.IP \[bu]
Threads do not share a common session ID and process group ID.
-.IP \(bu
+.IP \[bu]
Threads do not share record locks created using
.BR fcntl (2).
-.IP \(bu
+.IP \[bu]
The information returned by
.BR times (2)
and
.BR getrusage (2)
is per-thread rather than process-wide.
-.IP \(bu
+.IP \[bu]
Threads do not share semaphore undo values (see
.BR semop (2)).
-.IP \(bu
+.IP \[bu]
Threads do not share interval timers.
-.IP \(bu
+.IP \[bu]
Threads do not share a common nice value.
-.IP \(bu
+.IP \[bu]
POSIX.1 distinguishes the notions of signals that are directed
to the process as a whole and signals that are directed to individual
threads.
@@ -775,7 +775,7 @@ for example) should be handled by a single,
arbitrarily selected thread within the process.
LinuxThreads does not support the notion of process-directed signals:
signals may be sent only to specific threads.
-.IP \(bu
+.IP \[bu]
Threads have distinct alternate signal stack settings.
However, a new thread's alternate signal stack settings
are copied from the thread that created it, so that
@@ -797,7 +797,7 @@ See
for further details.
.PP
NPTL still has at least one nonconformance with POSIX.1:
-.IP \(bu 3
+.IP \[bu] 3
Threads do not share a common nice value.
.\" FIXME . bug report filed for NPTL nice nonconformance
.\" http://bugzilla.kernel.org/show_bug.cgi?id=6258
@@ -806,26 +806,26 @@ Threads do not share a common nice value.
.\" Monitor this to see if it makes it into mainline.
.PP
Some NPTL nonconformances occur only with older kernels:
-.IP \(bu 3
+.IP \[bu] 3
The information returned by
.BR times (2)
and
.BR getrusage (2)
is per-thread rather than process-wide (fixed in Linux 2.6.9).
-.IP \(bu
+.IP \[bu]
Threads do not share resource limits (fixed in Linux 2.6.10).
-.IP \(bu
+.IP \[bu]
Threads do not share interval timers (fixed in Linux 2.6.12).
-.IP \(bu
+.IP \[bu]
Only the main thread is permitted to start a new session using
.BR setsid (2)
(fixed in Linux 2.6.16).
-.IP \(bu
+.IP \[bu]
Only the main thread is permitted to make the process into a
process group leader using
.BR setpgid (2)
(fixed in Linux 2.6.16).
-.IP \(bu
+.IP \[bu]
Threads have distinct alternate signal stack settings.
However, a new thread's alternate signal stack settings
are copied from the thread that created it, so that
@@ -833,7 +833,7 @@ the threads initially share an alternate signal stack
(fixed in Linux 2.6.16).
.PP
Note the following further points about the NPTL implementation:
-.IP \(bu 3
+.IP \[bu] 3
If the stack size soft resource limit (see the description of
.B RLIMIT_STACK
in
diff --git a/man7/queue.7 b/man7/queue.7
index 0123356f66..83851c7a14 100644
--- a/man7/queue.7
+++ b/man7/queue.7
@@ -30,13 +30,13 @@ CIRCLEQ
doubly linked circular queues
.PP
All structures support the following functionality:
-.IP \(bu 3
+.IP \[bu] 3
Insertion of a new entry at the head of the list.
-.IP \(bu
+.IP \[bu]
Insertion of a new entry after any element in the list.
-.IP \(bu
+.IP \[bu]
O(1) removal of an entry from the head of the list.
-.IP \(bu
+.IP \[bu]
Forward traversal through the list.
.\".IP *
.\" Swapping the contents of two lists.
@@ -51,21 +51,21 @@ Singly linked lists are ideal for applications with
large datasets and few or no removals,
or for implementing a LIFO queue.
Singly linked lists add the following functionality:
-.IP \(bu 3
+.IP \[bu] 3
O(n) removal of any entry in the list.
.SS Singly linked tail queues (STAILQ)
Singly linked tail queues add the following functionality:
-.IP \(bu 3
+.IP \[bu] 3
Entries can be added at the end of a list.
-.IP \(bu
+.IP \[bu]
O(n) removal of any entry in the list.
-.IP \(bu
+.IP \[bu]
They may be concatenated.
.PP
However:
-.IP \(bu 3
+.IP \[bu] 3
All list insertions must specify the head of the list.
-.IP \(bu
+.IP \[bu]
Each head entry requires two pointers rather than one.
.PP
Singly linked tail queues are ideal for applications with
@@ -74,45 +74,45 @@ or for implementing a FIFO queue.
.SS Doubly linked data structures
All doubly linked types of data structures (lists and tail queues)
additionally allow:
-.IP \(bu 3
+.IP \[bu] 3
Insertion of a new entry before any element in the list.
-.IP \(bu
+.IP \[bu]
O(1) removal of any entry in the list.
.PP
However:
-.IP \(bu 3
+.IP \[bu] 3
Each element requires two pointers rather than one.
.SS Doubly linked lists (LIST)
Linked lists are the simplest of the doubly linked data structures.
They add the following functionality over the above:
-.IP \(bu 3
+.IP \[bu] 3
They may be traversed backwards.
.PP
However:
-.IP \(bu 3
+.IP \[bu] 3
To traverse backwards, an entry to begin the traversal and the list in
which it is contained must be specified.
.SS Doubly linked tail queues (TAILQ)
Tail queues add the following functionality:
-.IP \(bu 3
+.IP \[bu] 3
Entries can be added at the end of a list.
-.IP \(bu
+.IP \[bu]
They may be traversed backwards, from tail to head.
-.IP \(bu
+.IP \[bu]
They may be concatenated.
.PP
However:
-.IP \(bu 3
+.IP \[bu] 3
All list insertions and removals must specify the head of the list.
-.IP \(bu
+.IP \[bu]
Each head entry requires two pointers rather than one.
.SS Doubly linked circular queues (CIRCLEQ)
Circular queues add the following functionality over the above:
-.IP \(bu 3
+.IP \[bu] 3
The first and last entries are connected.
.PP
However:
-.IP \(bu 3
+.IP \[bu] 3
The termination condition for traversal is more complex.
.SH STANDARDS
Not in POSIX.1, POSIX.1-2001, or POSIX.1-2008.
diff --git a/man7/random.7 b/man7/random.7
index 009148f0b6..280e798c69 100644
--- a/man7/random.7
+++ b/man7/random.7
@@ -19,7 +19,7 @@ a cryptographically secure pseudorandom number generator (CSPRNG).
It is designed for security, rather than speed.
.PP
The following interfaces provide access to output from the kernel CSPRNG:
-.IP \(bu 3
+.IP \[bu] 3
The
.I /dev/urandom
and
@@ -28,7 +28,7 @@ devices, both described in
.BR random (4).
These devices have been present on Linux since early times,
and are also available on many other systems.
-.IP \(bu
+.IP \[bu]
The Linux-specific
.BR getrandom (2)
system call, available since Linux 3.17.
diff --git a/man7/rtld-audit.7 b/man7/rtld-audit.7
index 42c1795ea0..ca47427c3d 100644
--- a/man7/rtld-audit.7
+++ b/man7/rtld-audit.7
@@ -464,11 +464,11 @@ in the chapter
.SH NOTES
Note the following differences from the Solaris dynamic linker
auditing API:
-.IP \(bu 3
+.IP \[bu] 3
The Solaris
.BR la_objfilter ()
interface is not supported by the GNU implementation.
-.IP \(bu
+.IP \[bu]
The Solaris
.BR la_symbind32 ()
and
@@ -476,7 +476,7 @@ and
functions do not provide a
.I symname
argument.
-.IP \(bu
+.IP \[bu]
The Solaris
.BR la_pltexit ()
function does not provide
diff --git a/man7/sched.7 b/man7/sched.7
index 8b50f54613..568b74b425 100644
--- a/man7/sched.7
+++ b/man7/sched.7
@@ -137,15 +137,15 @@ it will always immediately preempt any currently running
algorithm without time slicing.
For threads scheduled under the
\fBSCHED_FIFO\fP policy, the following rules apply:
-.IP \(bu 3
+.IP \[bu] 3
A running \fBSCHED_FIFO\fP thread that has been preempted by another thread of
higher priority will stay at the head of the list for its priority and
will resume execution as soon as all threads of higher priority are
blocked again.
-.IP \(bu
+.IP \[bu]
When a blocked \fBSCHED_FIFO\fP thread becomes runnable, it
will be inserted at the end of the list for its priority.
-.IP \(bu
+.IP \[bu]
If a call to
.BR sched_setscheduler (2),
.BR sched_setparam (2),
@@ -180,7 +180,7 @@ should result in the thread being placed at the end of
the list for its priority.
.\" In Linux 2.2.x and Linux 2.4.x, the thread is placed at the front of the queue
.\" In Linux 2.0.x, the Right Thing happened: the thread went to the back -- MTK
-.IP \(bu
+.IP \[bu]
A thread calling
.BR sched_yield (2)
will be put at the end of the list.
@@ -492,7 +492,7 @@ When this flag is set, children created by
.BR fork (2)
do not inherit privileged scheduling policies.
The reset-on-fork flag can be set by either:
-.IP \(bu 3
+.IP \[bu] 3
ORing the
.B SCHED_RESET_ON_FORK
flag into the
@@ -501,7 +501,7 @@ argument when calling
.BR sched_setscheduler (2)
(since Linux 2.6.32);
or
-.IP \(bu
+.IP \[bu]
specifying the
.B SCHED_FLAG_RESET_ON_FORK
flag in
@@ -524,7 +524,7 @@ by creating multiple child processes.
.PP
More precisely, if the reset-on-fork flag is set,
the following rules apply for subsequently created children:
-.IP \(bu 3
+.IP \[bu] 3
If the calling thread has a scheduling policy of
.B SCHED_FIFO
or
@@ -532,7 +532,7 @@ or
the policy is reset to
.B SCHED_OTHER
in child processes.
-.IP \(bu
+.IP \[bu]
If the calling process has a negative nice value,
the nice value is reset to zero in child processes.
.PP
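Review bot: the two items of this list name the caller differently. The first item (previous hunk) says "If the calling thread has a scheduling policy of", while this one says "If the calling process has a negative nice value". This is out of scope for a bullet-glyph change, but a follow-up should settle on one term, since the surrounding rules in this page are stated per thread.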
@@ -571,7 +571,7 @@ and
.B SCHED_FIFO
policies.
The rules for changing scheduling policy and priority are as follows:
-.IP \(bu 3
+.IP \[bu] 3
If an unprivileged thread has a nonzero
.B RLIMIT_RTPRIO
soft limit, then it can change its scheduling policy and priority,
@@ -579,17 +579,17 @@ subject to the restriction that the priority cannot be set to a
value higher than the maximum of its current priority and its
.B RLIMIT_RTPRIO
soft limit.
-.IP \(bu
+.IP \[bu]
If the
.B RLIMIT_RTPRIO
soft limit is 0, then the only permitted changes are to lower the priority,
or to switch to a non-real-time policy.
-.IP \(bu
+.IP \[bu]
Subject to the same rules,
another unprivileged thread can also make these changes,
as long as the effective user ID of the thread making the change
matches the real or effective user ID of the target thread.
-.IP \(bu
+.IP \[bu]
Special rules apply for the
.B SCHED_IDLE
policy.
@@ -832,11 +832,11 @@ Task groups have a hierarchical relationship,
rooted under the initial task group on the system,
known as the "root task group".
Task groups are formed in the following circumstances:
-.IP \(bu 3
+.IP \[bu] 3
All of the threads in a CPU cgroup form a task group.
The parent of this task group is the task group of the
corresponding parent cgroup.
-.IP \(bu
+.IP \[bu]
If autogrouping is enabled,
then all of the threads that are (implicitly) placed in an autogroup
(i.e., the same session, as created by
@@ -844,14 +844,14 @@ then all of the threads that are (implicitly) placed in an autogroup
form a task group.
Each new autogroup is thus a separate task group.
The root task group is the parent of all such autogroups.
-.IP \(bu
+.IP \[bu]
If autogrouping is enabled, then the root task group consists of
all processes in the root CPU cgroup that were not
otherwise implicitly placed into a new autogroup.
-.IP \(bu
+.IP \[bu]
If autogrouping is disabled, then the root task group consists of
all processes in the root CPU cgroup.
-.IP \(bu
+.IP \[bu]
If group scheduling was disabled (i.e., the kernel was configured without
.BR CONFIG_FAIR_GROUP_SCHED ),
then all of the processes on the system are notionally placed
diff --git a/man7/signal-safety.7 b/man7/signal-safety.7
index cc6af30b77..3d6ddc7eb4 100644
--- a/man7/signal-safety.7
+++ b/man7/signal-safety.7
@@ -274,14 +274,14 @@ T}
.TE
.PP
Notes:
-.IP \(bu 3
+.IP \[bu] 3
POSIX.1-2001 and POSIX.1-2001 TC2 required the functions
.BR fpathconf (3),
.BR pathconf (3),
and
.BR sysconf (3)
to be async-signal-safe, but this requirement was removed in POSIX.1-2008.
-.IP \(bu
+.IP \[bu]
If a signal handler interrupts the execution of an unsafe function,
and the handler terminates via a call to
.BR longjmp (3)
@@ -289,7 +289,7 @@ or
.BR siglongjmp (3)
and the program subsequently calls an unsafe function,
then the behavior of the program is undefined.
-.IP \(bu
+.IP \[bu]
POSIX.1-2001 TC1 clarified
that if an application calls
.BR fork (2)
@@ -302,7 +302,7 @@ is likely to remove
.BR fork (2)
from the list of async-signal-safe functions.
.\"
-.IP \(bu
+.IP \[bu]
Asynchronous signal handlers that call functions which are cancelation
points and nest over regions of deferred cancelation may trigger
cancelation whose behavior is as if asynchronous cancelation had
@@ -318,7 +318,7 @@ on entry and restores its value before returning.
.SS Deviations in the GNU C library
The following known deviations from the standard occur in
the GNU C library:
-.IP \(bu 3
+.IP \[bu] 3
Before glibc 2.24,
.BR execl (3)
and
@@ -328,7 +328,7 @@ employed
internally and were consequently not async-signal-safe.
.\" https://sourceware.org/bugzilla/show_bug.cgi?id=19534
This was fixed in glibc 2.24.
-.IP \(bu
+.IP \[bu]
.\" FIXME . https://sourceware.org/bugzilla/show_bug.cgi?id=13172
The glibc implementation of
.BR aio_suspend (3)
diff --git a/man7/signal.7 b/man7/signal.7
index 73accfd2da..ea279d0e2a 100644
--- a/man7/signal.7
+++ b/man7/signal.7
@@ -136,7 +136,7 @@ to block execution until the signal is delivered,
at which point the kernel returns information about the
signal to the caller.
There are two general ways to do this:
-.IP \(bu 3
+.IP \[bu] 3
.BR sigwaitinfo (2),
.BR sigtimedwait (2),
and
@@ -144,7 +144,7 @@ and
suspend execution until one of the signals in a specified
set is delivered.
Each of these calls returns information about the delivered signal.
-.IP \(bu
+.IP \[bu]
.BR signalfd (2)
returns a file descriptor that can be used to read information
about signals that are delivered to the caller.
@@ -264,16 +264,16 @@ Various pieces of signal-related context are saved
into a special frame that is created on the stack.
The saved information includes:
.RS
-.IP \(bu 3
+.IP \[bu] 3
the program counter register
(i.e., the address of the next instruction in the main program that
should be executed when the signal handler returns);
-.IP \(bu
+.IP \[bu]
architecture-specific register state required for resuming the
interrupted program;
-.IP \(bu
+.IP \[bu]
the thread's current signal mask;
-.IP \(bu
+.IP \[bu]
the thread's alternate signal stack settings.
.RE
.IP
@@ -512,7 +512,7 @@ SIGUNUSED 31 \- \- 31
.TE
.PP
Note the following:
-.IP \(bu 3
+.IP \[bu] 3
Where defined,
.B SIGUNUSED
is synonymous with
@@ -520,7 +520,7 @@ is synonymous with
Since glibc 2.26,
.B SIGUNUSED
is no longer defined on any architecture.
-.IP \(bu
+.IP \[bu]
Signal 29 is
.BR SIGINFO / SIGPWR
(synonyms for the same value) on Alpha but
@@ -569,11 +569,11 @@ The default action for an unhandled real-time signal is to terminate the
receiving process.
.PP
Real-time signals are distinguished by the following:
-.IP \(bu 3
+.IP \[bu] 3
Multiple instances of real-time signals can be queued.
By contrast, if multiple instances of a standard signal are delivered
while that signal is currently blocked, then only one instance is queued.
-.IP \(bu
+.IP \[bu]
If the signal is sent using
.BR sigqueue (3),
an accompanying value (either an integer or a pointer) can be sent
@@ -593,7 +593,7 @@ and
.I si_uid
fields of this structure can be used to obtain the PID
and real user ID of the process sending the signal.
-.IP \(bu
+.IP \[bu]
Real-time signals are delivered in a guaranteed order.
Multiple real-time signals of the same type are delivered in the order
they were sent.
@@ -653,9 +653,9 @@ Linux 2.0 and earlier Linux 2.2 and later
.SS Interruption of system calls and library functions by signal handlers
If a signal handler is invoked while a system call or library
function call is blocked, then either:
-.IP \(bu 3
+.IP \[bu] 3
the call is automatically restarted after the signal handler returns; or
-.IP \(bu
+.IP \[bu]
the call fails with the error
.BR EINTR .
.PP
@@ -675,7 +675,7 @@ flag was used; otherwise the call fails with the error
.BR EINTR :
.\" The following system calls use ERESTARTSYS,
.\" so that they are restartable
-.IP \(bu 3
+.IP \[bu] 3
.BR read (2),
.BR readv (2),
.BR write (2),
@@ -691,18 +691,18 @@ then the call will return a success status
(normally, the number of bytes transferred).
Note that a (local) disk is not a slow device according to this definition;
I/O operations on disk devices are not interrupted by signals.
-.IP \(bu
+.IP \[bu]
.BR open (2),
if it can block (e.g., when opening a FIFO; see
.BR fifo (7)).
-.IP \(bu
+.IP \[bu]
.BR wait (2),
.BR wait3 (2),
.BR wait4 (2),
.BR waitid (2),
and
.BR waitpid (2).
-.IP \(bu
+.IP \[bu]
Socket interfaces:
.\" If a timeout (setsockopt()) is in effect on the socket, then these
.\" system calls switch to using EINTR. Consequently, they and are not
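Review bot: the roff comment that closes this hunk reads "Consequently, they and are not", which has a stray or missing word. It never renders, but it is the only in-source explanation of why the socket interfaces depend on whether a timeout is set, so it should be repaired in a follow-up by someone who knows the intended wording.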
@@ -720,7 +720,7 @@ and
.BR sendmsg (2),
.\" FIXME What about sendmmsg()?
unless a timeout has been set on the socket (see below).
-.IP \(bu
+.IP \[bu]
File locking interfaces:
.BR flock (2)
and
@@ -730,30 +730,30 @@ and
.B F_OFD_SETLKW
operations of
.BR fcntl (2)
-.IP \(bu
+.IP \[bu]
POSIX message queue interfaces:
.BR mq_receive (3),
.BR mq_timedreceive (3),
.BR mq_send (3),
and
.BR mq_timedsend (3).
-.IP \(bu
+.IP \[bu]
.BR futex (2)
.B FUTEX_WAIT
(since Linux 2.6.22;
.\" commit 72c1bbf308c75a136803d2d76d0e18258be14c7a
beforehand, always failed with
.BR EINTR ).
-.IP \(bu
+.IP \[bu]
.BR getrandom (2).
-.IP \(bu
+.IP \[bu]
.BR pthread_mutex_lock (3),
.BR pthread_cond_wait (3),
and related APIs.
-.IP \(bu
+.IP \[bu]
.BR futex (2)
.BR FUTEX_WAIT_BITSET .
-.IP \(bu
+.IP \[bu]
POSIX semaphore interfaces:
.BR sem_wait (3)
and
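Review bot: the "File locking interfaces" item ends at `.BR fcntl (2)` with no closing period, while the neighbouring items in the same list end with one (`.BR mq_timedsend (3).`, `.BR getrandom (2).`, `.BR FUTEX_WAIT_BITSET .`). Suggest `.BR fcntl (2).` in a follow-up so the rendered list is punctuated consistently.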
@@ -762,7 +762,7 @@ and
.\" as a consequence of the 2.6.22 changes in the futex() implementation
beforehand, always failed with
.BR EINTR ).
-.IP \(bu
+.IP \[bu]
.BR read (2)
from an
.BR inotify (7)
@@ -781,7 +781,7 @@ they always fail with the error
when interrupted by a signal handler:
.\" These are the system calls that give EINTR or ERESTARTNOHAND
.\" on interruption by a signal handler.
-.IP \(bu 3
+.IP \[bu] 3
"Input" socket interfaces, when a timeout
.RB ( SO_RCVTIMEO )
has been set on the socket using
@@ -795,7 +795,7 @@ has been set on the socket using
argument),
and
.BR recvmsg (2).
-.IP \(bu
+.IP \[bu]
"Output" socket interfaces, when a timeout
.RB ( SO_RCVTIMEO )
has been set on the socket using
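Review bot: the context line `.RB ( SO_RCVTIMEO )` directly under '"Output" socket interfaces' names the receive-timeout option for the send-side calls. It looks like a copy of the "Input" item above it and probably should read SO_SNDTIMEO. This is not a change for this mechanical patch, but it deserves a separate fix, because a reader deciding whether sendmsg(2) can fail with EINTR will check the wrong socket option.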
@@ -806,14 +806,14 @@ has been set on the socket using
and
.BR sendmsg (2).
.\" FIXME What about sendmmsg()?
-.IP \(bu
+.IP \[bu]
Interfaces used to wait for signals:
.BR pause (2),
.BR sigsuspend (2),
.BR sigtimedwait (2),
and
.BR sigwaitinfo (2).
-.IP \(bu
+.IP \[bu]
File descriptor multiplexing interfaces:
.BR epoll_wait (2),
.BR epoll_pwait (2),
@@ -822,7 +822,7 @@ File descriptor multiplexing interfaces:
.BR select (2),
and
.BR pselect (2).
-.IP \(bu
+.IP \[bu]
System V IPC interfaces:
.\" On some other systems, SA_RESTART does restart these system calls
.BR msgrcv (2),
@@ -830,13 +830,13 @@ System V IPC interfaces:
.BR semop (2),
and
.BR semtimedop (2).
-.IP \(bu
+.IP \[bu]
Sleep interfaces:
.BR clock_nanosleep (2),
.BR nanosleep (2),
and
.BR usleep (3).
-.IP \(bu
+.IP \[bu]
.BR io_getevents (2).
.PP
The
@@ -863,7 +863,7 @@ This behavior is not sanctioned by POSIX.1, and doesn't occur
on other systems.
.PP
The Linux interfaces that display this behavior are:
-.IP \(bu 3
+.IP \[bu] 3
"Input" socket interfaces, when a timeout
.RB ( SO_RCVTIMEO )
has been set on the socket using
@@ -877,7 +877,7 @@ has been set on the socket using
argument),
and
.BR recvmsg (2).
-.IP \(bu
+.IP \[bu]
"Output" socket interfaces, when a timeout
.RB ( SO_RCVTIMEO )
has been set on the socket using
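Review bot: the "Output" item here opens with `.RB ( SO_RCVTIMEO )`, yet its closing clause, visible at the top of the next hunk, reads "if a send timeout (SO_SNDTIMEO) has been set". The two halves of the same item disagree on which option applies. A follow-up should either change the opening line to SO_SNDTIMEO or drop one of the two timeout clauses.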
@@ -891,33 +891,33 @@ and
if a send timeout
.RB ( SO_SNDTIMEO )
has been set.
-.IP \(bu
+.IP \[bu]
.BR epoll_wait (2),
.BR epoll_pwait (2).
-.IP \(bu
+.IP \[bu]
.BR semop (2),
.BR semtimedop (2).
-.IP \(bu
+.IP \[bu]
.BR sigtimedwait (2),
.BR sigwaitinfo (2).
-.IP \(bu
+.IP \[bu]
Linux 3.7 and earlier:
.BR read (2)
from an
.BR inotify (7)
file descriptor
.\" commit 1ca39ab9d21ac93f94b9e3eb364ea9a5cf2aba06
-.IP \(bu
+.IP \[bu]
Linux 2.6.21 and earlier:
.BR futex (2)
.BR FUTEX_WAIT ,
.BR sem_timedwait (3),
.BR sem_wait (3).
-.IP \(bu
+.IP \[bu]
Linux 2.6.8 and earlier:
.BR msgrcv (2),
.BR msgsnd (2).
-.IP \(bu
+.IP \[bu]
Linux 2.4 and earlier:
.BR nanosleep (2).
.SH STANDARDS
diff --git a/man7/string_copying.7 b/man7/string_copying.7
index 55e63aa144..7e42a99f09 100644
--- a/man7/string_copying.7
+++ b/man7/string_copying.7
@@ -215,17 +215,17 @@ it makes sense to truncate.
Remember to check the return value of such function calls.
.PP
Functions that truncate:
-.IP \(bu 3
+.IP \[bu] 3
.BR stpecpy (3)
is the most efficient string copy function that performs truncation.
It only requires to check for truncation once after all chained calls.
-.IP \(bu
+.IP \[bu]
.BR strlcpy (3bsd)
and
.BR strlcat (3bsd)
are designed to crash if the input string is invalid
(doesn't contain a terminating null byte).
-.IP \(bu
+.IP \[bu]
.BR stpncpy (3)
and
.BR strncpy (3)
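Review bot: in the stpecpy(3) item, "It only requires to check for truncation once after all chained calls." is ungrammatical. Suggest "It requires checking for truncation only once, after all chained calls.", which also makes clearer that the single check is still mandatory, in line with "Remember to check the return value of such function calls." just above.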
@@ -313,15 +313,15 @@ also require that
.I dst
holds a string before the call.
List of functions:
-.IP \(bu 3
+.IP \[bu] 3
.PD 0
.BR stpcpy (3)
-.IP \(bu
+.IP \[bu]
.BR strcpy "(3), \c"
.BR strcat (3)
-.IP \(bu
+.IP \[bu]
.BR stpecpy (3)
-.IP \(bu
+.IP \[bu]
.BR strlcpy "(3bsd), \c"
.BR strlcat (3bsd)
.PD
@@ -331,10 +331,10 @@ but create a character sequence as output.
These functions have confusing names,
and have a long history of misuse.
List of functions:
-.IP \(bu 3
+.IP \[bu] 3
.PD 0
.BR stpncpy (3)
-.IP \(bu
+.IP \[bu]
.BR strncpy (3)
.PD
.PP
@@ -347,22 +347,22 @@ holds a string before the call.
.BR strncat (3)
has an even more misleading name than the functions above.
List of functions:
-.IP \(bu 3
+.IP \[bu] 3
.PD 0
.BR zustr2stp (3)
-.IP \(bu
+.IP \[bu]
.BR strncat (3)
-.IP \(bu
+.IP \[bu]
.BR ustr2stp (3)
.PD
.PP
Other functions operate on an input character sequence
to create an output character sequence.
List of functions:
-.IP \(bu 3
+.IP \[bu] 3
.PD 0
.BR ustpcpy (3)
-.IP \(bu
+.IP \[bu]
.BR zustr2stp (3)
.PD
.\" ----- DESCRIPTION :: Functions :: ---------------------------------/
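Review bot: zustr2stp(3) is listed twice in this hunk: once alongside strncat(3) and ustr2stp(3), and again under "Other functions operate on an input character sequence to create an output character sequence". The RETURN VALUE hunk further down pairs ustpcpy(3) with zustr2ustp(3) for the character-sequence output case, so the second entry here looks like a typo for zustr2ustp(3). This is worth confirming and fixing separately from the glyph change, since a reader picking a function from this list would get one that writes a terminating null byte when none was expected.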
@@ -506,12 +506,12 @@ It returns a pointer suitable for chaining.
.SH RETURN VALUE
The following functions return
a pointer to the terminating null byte in the destination string.
-.IP \(bu 3
+.IP \[bu] 3
.PD 0
.BR stpcpy (3)
-.IP \(bu
+.IP \[bu]
.BR ustr2stp (3)
-.IP \(bu
+.IP \[bu]
.BR zustr2stp (3)
.PD
.PP
@@ -520,7 +520,7 @@ a pointer to the terminating null byte in the destination string,
except when truncation occurs;
if truncation occurs,
it returns a pointer to the end of the destination buffer.
-.IP \(bu 3
+.IP \[bu] 3
.BR stpecpy (3)
.PP
The following function returns
@@ -529,23 +529,23 @@ in the destination character sequence;
if truncation occurs,
that pointer is equivalent to
a pointer to the end of the destination buffer.
-.IP \(bu 3
+.IP \[bu] 3
.BR stpncpy (3)
.PP
The following functions return
a pointer to one after the last character
in the destination character sequence.
-.IP \(bu 3
+.IP \[bu] 3
.PD 0
.BR zustr2ustp (3)
-.IP \(bu
+.IP \[bu]
.BR ustpcpy (3)
.PD
.PP
The following functions return
the length of the total string that they tried to create
(as if truncation didn't occur).
-.IP \(bu 3
+.IP \[bu] 3
.BR strlcpy (3bsd),
.BR strlcat (3bsd)
.PP
@@ -553,13 +553,13 @@ The following functions return the
.I dst
pointer,
which is useless.
-.IP \(bu 3
+.IP \[bu] 3
.PD 0
.BR strcpy (3),
.BR strcat (3)
-.IP \(bu
+.IP \[bu]
.BR strncpy (3)
-.IP \(bu
+.IP \[bu]
.BR strncat (3)
.PD
.\" ----- NOTES :: strscpy(9) -----------------------------------------/
diff --git a/man7/symlink.7 b/man7/symlink.7
index 1ddc03976d..77fefb743d 100644
--- a/man7/symlink.7
+++ b/man7/symlink.7
@@ -168,12 +168,12 @@ exceeded.)
.PP
There are three separate areas that need to be discussed.
They are as follows:
-.IP \(bu 3
+.IP \[bu] 3
Symbolic links used as filename arguments for system calls.
-.IP \(bu
+.IP \[bu]
Symbolic links specified as command-line arguments to utilities that
are not traversing a file tree.
-.IP \(bu
+.IP \[bu]
Symbolic links encountered by utilities that are traversing a file tree
(either specified on the command line or encountered as part of the
file hierarchy walk).
@@ -315,7 +315,7 @@ would change the ownership of
itself.
.PP
There are some exceptions to this rule:
-.IP \(bu 3
+.IP \[bu] 3
The
.BR mv (1)
and
@@ -325,7 +325,7 @@ but respectively attempt to rename and delete them.
(Note, if the symbolic link references a file via a relative path,
moving it to another directory may very well cause it to stop working,
since the path may no longer be correct.)
-.IP \(bu
+.IP \[bu]
The
.BR ls (1)
command is also an exception to this rule.
@@ -355,7 +355,7 @@ and
.I \-L
options affect its behavior even though it is not doing a walk of
a file tree.)
-.IP \(bu
+.IP \[bu]
The
.BR file (1)
command is also an exception to this rule.
@@ -415,7 +415,7 @@ walk (where symbolic links that refer to directories are followed).
.PP
Certain conventions are (should be) followed as consistently as
possible by commands that perform file tree walks:
-.IP \(bu 3
+.IP \[bu] 3
A command can be made to follow
any symbolic links named on the command line,
regardless of the type of file they reference, by specifying the
@@ -444,7 +444,7 @@ flag causes symbolic links specified on the command line to be
dereferenced for the purposes of both the action to be performed
and the tree walk, and it is as if the user had specified the
name of the file to which the symbolic link pointed.
-.IP \(bu
+.IP \[bu]
A command can be made to
follow any symbolic links named on the command line,
as well as any symbolic links encountered during the traversal,
@@ -473,7 +473,7 @@ In addition, if any symbolic links are encountered in any file tree that
.B chown
traverses, they will be treated in the same fashion as
.IR slink .
-.IP \(bu
+.IP \[bu]
A command can be made to
provide the default behavior by specifying the
.I \-P
@@ -504,7 +504,7 @@ The
and
.BR rm (1)
commands have exceptions to these rules:
-.IP \(bu 3
+.IP \[bu] 3
The
.BR rm (1)
command operates on the symbolic link, and not the file it references,
@@ -517,7 +517,7 @@ command does not support the
or
.I \-P
options.
-.IP \(bu
+.IP \[bu]
To maintain compatibility with historic systems,
the
.BR ls (1)
diff --git a/man7/time_namespaces.7 b/man7/time_namespaces.7
index 1316bff091..15ec3dbcd9 100644
--- a/man7/time_namespaces.7
+++ b/man7/time_namespaces.7
@@ -8,7 +8,7 @@
time_namespaces \- overview of Linux time namespaces
.SH DESCRIPTION
Time namespaces virtualize the values of two system clocks:
-.IP \(bu 3
+.IP \[bu] 3
.B CLOCK_MONOTONIC
(and likewise
.B CLOCK_MONOTONIC_COARSE
@@ -16,7 +16,7 @@ and
.BR CLOCK_MONOTONIC_RAW ),
a nonsettable clock that represents monotonic time since\[em]as
described by POSIX\[em]"some unspecified point in the past".
-.IP \(bu
+.IP \[bu]
.B CLOCK_BOOTTIME
(and likewise
.BR CLOCK_BOOTTIME_ALARM ),
@@ -147,11 +147,11 @@ An
value is out of range.
In particular;
.RS
-.IP \(bu 3
+.IP \[bu] 3
.I offset-secs
can't be set to a value which would make the current
time on the corresponding clock inside the namespace a negative value; and
-.IP \(bu
+.IP \[bu]
.I offset-secs
can't be set to a value such that the time on the corresponding clock
inside the namespace would exceed half of the value of the kernel constant
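Review bot: "In particular;" in the context line above the list should end with a colon, not a semicolon, since it introduces the two offset-secs items that follow. This is a one-character fix that could ride along with this patch or go in a follow-up.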
diff --git a/man7/unicode.7 b/man7/unicode.7
index e0e6ce7aaf..5a358d5bb7 100644
--- a/man7/unicode.7
+++ b/man7/unicode.7
@@ -195,7 +195,7 @@ Two other planes are reserved for private usage, plane 15
and plane 16 (Supplementary Private Use Area-B, range
0x100000 to 0x10fffd).
.SS Literature
-.IP \(bu 3
+.IP \[bu] 3
Information technology \[em] Universal Multiple-Octet Coded Character
Set (UCS) \[em] Part 1: Architecture and Basic Multilingual Plane.
International Standard ISO/IEC 10646-1, International Organization
@@ -205,11 +205,11 @@ This is the official specification of UCS.
Available from
.UR http://www.iso.ch/
.UE .
-.IP \(bu
+.IP \[bu]
The Unicode Standard, Version 3.0.
The Unicode Consortium, Addison-Wesley,
Reading, MA, 2000, ISBN 0-201-61633-5.
-.IP \(bu
+.IP \[bu]
S.\& Harbison, G.\& Steele. C: A Reference Manual. Fourth edition,
Prentice Hall, Englewood Cliffs, 1995, ISBN 0-13-326224-3.
.IP
@@ -219,19 +219,19 @@ edition covers the 1994 Amendment 1 to the ISO C90 standard, which
adds a large number of new C library functions for handling wide and
multibyte character encodings, but it does not yet cover ISO C99,
which improved wide and multibyte character support even further.
-.IP \(bu
+.IP \[bu]
Unicode Technical Reports.
.RS
.UR http://www.unicode.org\:/reports/
.UE
.RE
-.IP \(bu
+.IP \[bu]
Markus Kuhn: UTF-8 and Unicode FAQ for UNIX/Linux.
.RS
.UR http://www.cl.cam.ac.uk\:/\[ti]mgk25\:/unicode.html
.UE
.RE
-.IP \(bu
+.IP \[bu]
Bruno Haible: Unicode HOWTO.
.RS
.UR http://www.tldp.org\:/HOWTO\:/Unicode\-HOWTO.html
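Review bot: the three `.UR` references in this hunk (unicode.org, cl.cam.ac.uk, tldp.org) are given with the plain `http://` scheme. While the Literature list is being touched, it would be worth checking that each link still resolves and switching to `https://` where the host serves it, in a separate patch.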
diff --git a/man7/unix.7 b/man7/unix.7
index d65ae000ab..7c987fbd01 100644
--- a/man7/unix.7
+++ b/man7/unix.7
@@ -166,15 +166,15 @@ bytes of
.SS Pathname sockets
When binding a socket to a pathname, a few rules should be observed
for maximum portability and ease of coding:
-.IP \(bu 3
+.IP \[bu] 3
The pathname in
.I sun_path
should be null-terminated.
-.IP \(bu
+.IP \[bu]
The length of the pathname, including the terminating null byte,
should not exceed the size of
.IR sun_path .
-.IP \(bu
+.IP \[bu]
The
.I addrlen
argument that describes the enclosing
diff --git a/man7/user_namespaces.7 b/man7/user_namespaces.7
index 6011829d9a..6647b02bf7 100644
--- a/man7/user_namespaces.7
+++ b/man7/user_namespaces.7
@@ -157,7 +157,7 @@ its original user namespace.
.PP
The rules for determining whether or not a process has a capability
in a particular user namespace are as follows:
-.IP \(bu 3
+.IP \[bu] 3
A process has a capability inside a user namespace
if it is a member of that namespace and
it has the capability in its effective capability set.
@@ -173,11 +173,11 @@ or
.BR setns (2),
as already described.
.\" In the 3.8 sources, see security/commoncap.c::cap_capable():
-.IP \(bu
+.IP \[bu]
If a process has a capability in a user namespace,
then it has that capability in all child (and further removed descendant)
namespaces as well.
-.IP \(bu
+.IP \[bu]
.\" * The owner of the user namespace in the parent of the
.\" * user namespace has all caps.
When a user namespace is created, the kernel records the effective
@@ -234,29 +234,29 @@ and mount the following types of filesystems:
.PP
.RS 4
.PD 0
-.IP \(bu 3
+.IP \[bu] 3
.I /proc
(since Linux 3.8)
-.IP \(bu
+.IP \[bu]
.I /sys
(since Linux 3.8)
-.IP \(bu
+.IP \[bu]
.I devpts
(since Linux 3.9)
-.IP \(bu
+.IP \[bu]
.BR tmpfs (5)
(since Linux 3.9)
-.IP \(bu
+.IP \[bu]
.I ramfs
(since Linux 3.9)
-.IP \(bu
+.IP \[bu]
.I mqueue
(since Linux 3.9)
-.IP \(bu
+.IP \[bu]
.I bpf
.\" commit b2197755b2633e164a439682fb05a9b5ea48f706
(since Linux 4.4)
-.IP \(bu
+.IP \[bu]
.I overlayfs
.\" commit 92dbc9dedccb9759c7f9f2f0ae6242396376988f
.\" commit 4cb2c00c43b3fe88b32f29df4f76da1b92c33224
@@ -499,12 +499,12 @@ The lines written to
.I uid_map
.RI ( gid_map )
must conform to the following validity rules:
-.IP \(bu 3
+.IP \[bu] 3
The three fields must be valid numbers,
and the last field must be greater than 0.
-.IP \(bu
+.IP \[bu]
Lines are terminated by newline characters.
-.IP \(bu
+.IP \[bu]
There is a limit on the number of lines in the file.
In Linux 4.14 and earlier, this limit was (arbitrarily)
.\" 5*12-byte records could fit in a 64B cache line
@@ -519,7 +519,7 @@ and the write must be performed at the start of the file (i.e.,
and
.BR pwrite (2)
can't be used to write to nonzero offsets in the file).
-.IP \(bu
+.IP \[bu]
The range of user IDs (group IDs)
specified in each line cannot overlap with the ranges
in any other lines.
@@ -532,7 +532,7 @@ which prevented some otherwise valid maps from being created.
Linux 3.9 and later
.\" commit 0bd14b4fd72afd5df41e9fd59f356740f22fceba
fix this limitation, allowing any valid set of nonoverlapping maps.
-.IP \(bu
+.IP \[bu]
At least one line must be written to the file.
.PP
Writes that violate the above rules fail with the error
@@ -542,21 +542,21 @@ In order for a process to write to the
.IR /proc/ pid /uid_map
.RI ( /proc/ pid /gid_map )
file, all of the following permission requirements must be met:
-.IP \(bu 3
+.IP \[bu] 3
The writing process must have the
.B CAP_SETUID
.RB ( CAP_SETGID )
capability in the user namespace of the process
.IR pid .
-.IP \(bu
+.IP \[bu]
The writing process must either be in the user namespace of the process
.I pid
or be in the parent user namespace of the process
.IR pid .
-.IP \(bu
+.IP \[bu]
The mapped user IDs (group IDs) must in turn have a mapping
in the parent user namespace.
-.IP \(bu
+.IP \[bu]
If updating
.IR /proc/ pid /uid_map
to create a mapping that maps UID 0 in the parent namespace,
@@ -598,7 +598,7 @@ capability, it could create a binary with namespaced file capabilities
that would then be effective in the parent user namespace
(because the root user IDs are the same in the two namespaces).
.RE
-.IP \(bu
+.IP \[bu]
One of the following two cases applies:
.RS
.IP (a) 5
@@ -610,7 +610,7 @@ capability in the
.I parent
user namespace.
.RS
-.IP \(bu 3
+.IP \[bu] 3
No further restrictions apply:
the process can make mappings to arbitrary user IDs (group IDs)
in the parent user namespace.
@@ -619,7 +619,7 @@ in the parent user namespace.
.I Or
otherwise all of the following restrictions apply:
.RS
-.IP \(bu 3
+.IP \[bu] 3
The data written to
.I uid_map
.RI ( gid_map )
@@ -627,10 +627,10 @@ must consist of a single line that maps
the writing process's effective user ID
(group ID) in the parent user namespace to a user ID (group ID)
in the user namespace.
-.IP \(bu
+.IP \[bu]
The writing process must have the same effective user ID as the process
that created the user namespace.
-.IP \(bu
+.IP \[bu]
In the case of
.IR gid_map ,
use of the
@@ -675,12 +675,12 @@ to fail with the error
The permission rules for writing to the
.IR /proc/ pid /projid_map
file are as follows:
-.IP \(bu 3
+.IP \[bu] 3
The writing process must either be in the user namespace of the process
.I pid
or be in the parent user namespace of the process
.IR pid .
-.IP \(bu
+.IP \[bu]
The mapped project IDs must in turn have a mapping
in the parent user namespace.
.PP
@@ -965,9 +965,9 @@ Within a user namespace,
these capabilities allow a process to bypass the rules
if the process has the relevant capability over the file,
meaning that:
-.IP \(bu 3
+.IP \[bu] 3
the process has the relevant effective capability in its user namespace; and
-.IP \(bu
+.IP \[bu]
the file's user ID and group ID both have valid mappings
in the user namespace.
.PP