Troy Davis | 23 Nov 17:28 2014

[patch] tcp.7: Clarify tcp_tw_recycle on Internet-facing hosts

Clarify that tcp_tw_recycle will break communication with many
general-purpose remote Internet hosts (namely, remote NAT devices)
even when the Linux device itself is not behind NAT.

  - BCP to make NAT implementors aware of this problem (2013):
  - RFC 1323 (PAWS)
  - RFC 6191: Reducing the TIME-WAIT State Using TCP Timestamps
  - The many users who unknowingly enabled this option on devices
communicating with the general-purpose Internet:

Patched against git HEAD as of this email

diff --git a/man7/tcp.7 b/man7/tcp.7
index e6f5aee..06cc127 100644
--- a/man7/tcp.7
+++ b/man7/tcp.7
 <at>  <at>  -780,10 +780,11  <at>  <at>  building larger TSO frames.
 .IR tcp_tw_recycle " (Boolean; default: disabled; since Linux 2.4)"
 .\" Since 2.3.15
-Enable fast recycling of TIME_WAIT sockets.
-Enabling this option is not
-recommended since this causes problems when working
-with NAT (Network Address Translation).
+Enable fast recycling of TIME_WAIT sockets. Enabling this option is
+not recommended for devices communicating with the general Internet
(Continue reading)

Carlos O'Donell | 19 Nov 20:45 2014

[PATCH] wordexp.3: Make it clear that WRDE_NOCMD prevents command substitution.

The use of WRDE_NOCMD prevents command substitution. If the flag
WRDE_NOCMD is set then no command substitution shall occur and
the error WRDE_CMDSUB will be returned if such substitution is
requested when processing the words.

The manual page as-is makes it seem like the command substitution
occurs, and an error is returned *after* the substitution.

This patch clarifies that.

Patch against trunk.

Signed-off-by: Carlos O'Donell <carlos@...>

diff --git a/man3/wordexp.3 b/man3/wordexp.3
index c695c08..e457943 100644
--- a/man3/wordexp.3
+++ b/man3/wordexp.3
 <at>  <at>  -169,7 +169,7  <at>  <at>  flag
 told us to consider this an error.
-Command substitution occurred, and the
+Command substitution requested, but the
 flag told us to consider this an error.

(Continue reading)

Mark Veltzer | 19 Nov 04:57 2014

Missing manual pages for pthread_mutexattr_{get|set}robust(3)

These functions actually exist and work in current day distributions
(I am on ubuntu 13.10, 14.04 and 14.10) but are not documented in any

I actually found out that these functions exist using the pthread
library on win32...:)

These functions determine whether a futex is robust or not.

I have checked the latest version of manpages to make sure that it is
indeed missing.

To unsubscribe from this list: send the line "unsubscribe linux-man" in
the body of a message to majordomo@...
More majordomo info at

Michael Haardt | 17 Nov 09:07 2014

Addition to memcmp(3)


memcmp(3) does not document the return value for length 0 and the
CPU time depending on the number of compared bytes.  While both
is obvious, it should still be documented.


--- memcmp.3.orig	2014-11-17 08:53:53.848805576 +0100
+++ memcmp.3	2014-11-17 08:58:39.699005856 +0100
 <at>  <at>  -27,6 +27,7  <at>  <at> 
 .\"     Lewine's _POSIX Programmer's Guide_ (O'Reilly & Associates, 1991)
 .\"     386BSD man pages
 .\" Modified Sat Jul 24 18:55:27 1993 by Rik Faith (faith@...)
+.\" Modified Mon Nov 17 07:45:13 2014 by Michael Haardt (michael@...)
 .TH MEMCMP 3  2014-03-14 "" "Linux Programmer's Manual"
 memcmp \- compare memory areas
 <at>  <at>  -42,6 +43,11  <at>  <at> 
 function compares the first \fIn\fP bytes (each interpreted as
 .IR "unsigned char" )
 of the memory areas \fIs1\fP and \fIs2\fP.
+Do not use
+.BR memcmp ()
+to compare security critical data, such as cryptographic secrets,
+because the required CPU time depends on the amount of equal bytes.
 .BR memcmp ()
(Continue reading)

Richard Weinberger | 16 Nov 23:36 2014

[PATCH] pid_namespaces.7: tfix


Signed-off-by: Richard Weinberger <richard@...>
 man7/pid_namespaces.7 | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/man7/pid_namespaces.7 b/man7/pid_namespaces.7
index 2090101..8582da3 100644
--- a/man7/pid_namespaces.7
+++ b/man7/pid_namespaces.7
 <at>  <at>  -70,7 +70,7  <at>  <at>  to this process rather than
 (unless one of the ancestors of the child
 in the same PID namespace employed the
 .BR prctl (2)
 command to mark itself as the reaper of orphaned descendant processes).

 If the "init" process of a PID namespace terminates,


To unsubscribe from this list: send the line "unsubscribe linux-man" in
the body of a message to majordomo@...
More majordomo info at

Chris Mayo | 16 Nov 18:03 2014

[patch] capabilities.7: NOTES: add last kernel versions for obsolete options


CONFIG_SECURITY_FILE_CAPABILITIES option removed in Linux 2.6.33 as already mentioned in DESCRIPTION

Signed-off-by: Chris Mayo <aklhfex@...>
 man7/capabilities.7 | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/man7/capabilities.7 b/man7/capabilities.7
index a1adcb5..bc461a4 100644
--- a/man7/capabilities.7
+++ b/man7/capabilities.7
 <at>  <at>  -1124,7 +1124,7  <at>  <at>  is based on the withdrawn POSIX.1e draft standard; see
 .UE .
-Since kernel 2.5.27, capabilities are an optional kernel component,
+From kernel 2.5.27 to kernel 2.6.26, capabilities are an optional kernel component,
 and can be enabled/disabled via the
 kernel configuration option.
 <at>  <at>  -1161,7 +1161,7  <at>  <at>  It can be found at
 .UE .

-Before kernel 2.6.24, and since kernel 2.6.24 if
+Before kernel 2.6.24, and from kernel 2.6.24 to kernel 2.6.32 if
(Continue reading)

Josh Triplett | 15 Nov 10:00 2014

[PATCH 1/2] groups: Factor out a function to set a pre-sorted group list

This way, functions that already need to sort the group list need not do
so twice.

The new set_groups_sorted is intentionally not exported.

Signed-off-by: Josh Triplett <josh@...>
 kernel/groups.c | 16 +++++++++++++---
 1 file changed, 13 insertions(+), 3 deletions(-)

diff --git a/kernel/groups.c b/kernel/groups.c
index 451698f..f0667e7 100644
--- a/kernel/groups.c
+++ b/kernel/groups.c
 <at>  <at>  -154,16 +154,26  <at>  <at>  int groups_search(const struct group_info *group_info, kgid_t grp)

+ * set_groups_sorted - Change a group subscription in a set of credentials
+ *  <at> new: The newly prepared set of credentials to alter
+ *  <at> group_info: The group list to install; must be sorted
+ */
+static void set_groups_sorted(struct cred *new, struct group_info *group_info)
+	put_group_info(new->group_info);
+	get_group_info(group_info);
+	new->group_info = group_info;
(Continue reading)

Andrea Balboni | 14 Nov 18:33 2014

[PATCH] pthread_attr_init.3: tfix

 man3/pthread_attr_init.3 | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/man3/pthread_attr_init.3 b/man3/pthread_attr_init.3
index 6092283..3875519 100644
--- a/man3/pthread_attr_init.3
+++ b/man3/pthread_attr_init.3
 <at>  <at>  -106,7 +106,7  <at>  <at>  we see the following:
 .in +4n
 .\" Results from glibc 2.8, SUSE 11.0; Oct 2008
-.RB "$" " ulimit \-s" "       # No stack imit ==> default stack size is 2MB"
+.RB "$" " ulimit \-s" "       # No stack limit ==> default stack size is 2MB"
 .RB "$" " ./a.out"
 Thread attributes:


To unsubscribe from this list: send the line "unsubscribe linux-man" in
the body of a message to majordomo@...
More majordomo info at

Jonny Grant | 11 Nov 23:27 2014



I noticed that "nsecs = 0;" is not needed in the getopt source code example.

GCC gives warning about this variable being initialised.

Regards, Jonny
To unsubscribe from this list: send the line "unsubscribe linux-man" in
the body of a message to majordomo@...
More majordomo info at

Weijie Yang | 11 Nov 08:18 2014

[bug report] fadvise64.2: Linux actually returns ESPIPE on FIFO/pipe

In man-page fadvise64.2(and its variants), the following is outdated:

"ESPIPE The specified file descriptor refers to a pipe or FIFO.  (Linux actually returns EINVAL in this case.)"

In Linux 2.6.12, kernel was modified to match the POSIX: return ESPIPE on FIFO/pipe

See detail:

commit 87ba81dba431232548ce29d5d224115d0c2355ac
Author: Valentine Barshak <vbarshak@...>
Date:   Sun Jan 8 01:03:44 2006 -0800

    [PATCH] fadvise: return ESPIPE on FIFO/pipe

    The patch makes posix_fadvise return ESPIPE on FIFO/pipe in order to be
    fully POSIX-compliant.

    Signed-off-by: Andrew Morton <akpm@...>
    Signed-off-by: Linus Torvalds <torvalds@...>

diff --git a/mm/fadvise.c b/mm/fadvise.c
index 5f19e87..d257c89 100644
--- a/mm/fadvise.c
+++ b/mm/fadvise.c
 <at>  <at>  -37,6 +37,11  <at>  <at>  asmlinkage long sys_fadvise64_64(int fd, loff_t offset, loff_t len, int advice)
        if (!file)
                return -EBADF;

+       if (S_ISFIFO(file->f_dentry->d_inode->i_mode)) {
+               ret = -ESPIPE;
(Continue reading)

Michael Kerrisk (man-pages | 11 Nov 06:17 2014

Re: [patch] sched_setscheduler.2 tfix

On 11/10/2014 11:08 AM, Adam Jiang wrote:
> Fix typo in sched_setscheduler.2.

Thanks, Adam. Applied.




Michael Kerrisk
Linux man-pages maintainer;
Linux/UNIX System Programming Training:
To unsubscribe from this list: send the line "unsubscribe linux-man" in
the body of a message to majordomo@...
More majordomo info at