mirror of
https://github.com/systemd/systemd
synced 2024-07-22 02:34:54 +00:00
man: use <warning> for warnings
This commit is contained in:
parent
f37841c0b7
commit
617b85d10e
|
@ -458,10 +458,12 @@
|
|||
<citerefentry project='man-pages'><refentrytitle>mkswap</refentrytitle><manvolnum>8</manvolnum></citerefentry>.
|
||||
This option implies <option>plain</option>.</para>
|
||||
|
||||
<para>WARNING: Using the <option>swap</option> option will
|
||||
destroy the contents of the named partition during every boot,
|
||||
so make sure the underlying block device is specified
|
||||
correctly.</para>
|
||||
<warning>
|
||||
<para>Using the <option>swap</option> option will
|
||||
destroy the contents of the named partition during every boot,
|
||||
so make sure the underlying block device is specified
|
||||
correctly.</para>
|
||||
</warning>
|
||||
|
||||
<xi:include href="version-info.xml" xpointer="v186"/></listitem>
|
||||
</varlistentry>
|
||||
|
@ -591,8 +593,10 @@
|
|||
<literal>btrfs</literal>. If no argument is specified defaults to <literal>ext4</literal>. This
|
||||
option implies <option>plain</option>.</para>
|
||||
|
||||
<para>WARNING: Using the <option>tmp</option> option will destroy the contents of the named partition
|
||||
during every boot, so make sure the underlying block device is specified correctly.</para>
|
||||
<warning>
|
||||
<para>Using the <option>tmp</option> option will destroy the contents of the named partition
|
||||
during every boot, so make sure the underlying block device is specified correctly.</para>
|
||||
</warning>
|
||||
|
||||
<xi:include href="version-info.xml" xpointer="v186"/></listitem>
|
||||
</varlistentry>
|
||||
|
|
|
@ -2478,11 +2478,15 @@ Jan 12 10:46:45 example.com bluetoothd[8900]: gatt-time-server: Input/output err
|
|||
processes will be killed forcibly and all file systems are unmounted or remounted read-only. This is hence a
|
||||
drastic but relatively safe option to request an immediate reboot. If <option>--force</option> is specified
|
||||
twice for these operations (with the exception of <command>kexec</command>), they will be executed
|
||||
immediately, without terminating any processes or unmounting any file systems. Warning: specifying
|
||||
<option>--force</option> twice with any of these operations might result in data loss. Note that when
|
||||
<option>--force</option> is specified twice the selected operation is executed by
|
||||
<command>systemctl</command> itself, and the system manager is not contacted. This means the command should
|
||||
succeed even when the system manager has crashed.</para>
|
||||
immediately, without terminating any processes or unmounting any file systems.</para>
|
||||
|
||||
<warning>
|
||||
<para>Specifying
|
||||
<option>--force</option> twice with any of these operations might result in data loss. Note that when
|
||||
<option>--force</option> is specified twice the selected operation is executed by
|
||||
<command>systemctl</command> itself, and the system manager is not contacted. This means the command should
|
||||
succeed even when the system manager has crashed.</para>
|
||||
</warning>
|
||||
</listitem>
|
||||
</varlistentry>
|
||||
|
||||
|
|
|
@ -39,9 +39,11 @@
|
|||
NVMe-TCP mass storage devices. Its primary use-case is to be invoked by the
|
||||
<filename>storage-target-mode.target</filename> unit that can be booted into.</para>
|
||||
|
||||
<para>Warning: the NVMe disks are currently exposed without authentication or encryption, in read/write
|
||||
mode. This means network peers may read from and write to the device without any restrictions. This
|
||||
functionality should hence only be used in a local setup.</para>
|
||||
<warning>
|
||||
<para>The NVMe disks are currently exposed without authentication or encryption, in read/write
|
||||
mode. This means network peers may read from and write to the device without any restrictions. This
|
||||
functionality should hence only be used in a local setup.</para>
|
||||
</warning>
|
||||
|
||||
<para>Note that to function properly networking must be configured too. The recommended mechanism to boot
|
||||
into a storage target mode is by adding <literal>rd.systemd.unit=storage-target-mode.target
|
||||
|
|
|
@ -1342,13 +1342,15 @@ Table=1234</programlisting></para>
|
|||
Fallback Peer Labeling</ulink> rules. They will be removed when the interface is
|
||||
deconfigured. Failures to manage the labels will be ignored.</para>
|
||||
|
||||
<para>Warning: Once labeling is enabled for network traffic, a lot of LSM access control points in
|
||||
Linux networking stack go from dormant to active. Care should be taken to avoid getting into a
|
||||
situation where for example remote connectivity is broken, when the security policy hasn't been
|
||||
updated to consider LSM per-packet access controls and no rules would allow any network
|
||||
traffic. Also note that additional configuration with <citerefentry
|
||||
project='man-pages'><refentrytitle>netlabelctl</refentrytitle><manvolnum>8</manvolnum></citerefentry>
|
||||
is needed.</para>
|
||||
<warning>
|
||||
<para>Once labeling is enabled for network traffic, a lot of LSM access control points in
|
||||
Linux networking stack go from dormant to active. Care should be taken to avoid getting into a
|
||||
situation where for example remote connectivity is broken, when the security policy hasn't been
|
||||
updated to consider LSM per-packet access controls and no rules would allow any network
|
||||
traffic. Also note that additional configuration with <citerefentry
|
||||
project='man-pages'><refentrytitle>netlabelctl</refentrytitle><manvolnum>8</manvolnum></citerefentry>
|
||||
is needed.</para>
|
||||
</warning>
|
||||
|
||||
<para>Example:
|
||||
<programlisting>[Address]
|
||||
|
|
|
@ -550,14 +550,16 @@
|
|||
<para>Typically, it is essential that applications which intend to use such a match, make
|
||||
sure a suitable udev rule is installed that sets at least one property on devices that
|
||||
shall be matched. See also Initialized Devices section below for more details.</para>
|
||||
<para>WARNING: <option>--initialized-nomatch</option> can potentially save a significant
|
||||
amount of time compared to re-triggering all devices in the system and e.g. can be used to
|
||||
optimize boot time. However, this is not safe to be used in a boot sequence in general.
|
||||
Especially, when udev rules for a device depend on its parent devices (e.g.
|
||||
<literal>ATTRS</literal> or <literal>IMPORT{parent}</literal> keys, see
|
||||
<citerefentry><refentrytitle>udev</refentrytitle><manvolnum>7</manvolnum></citerefentry>
|
||||
for more details), the final state of the device becomes easily unstable with this option.
|
||||
</para>
|
||||
<warning>
|
||||
<para><option>--initialized-nomatch</option> can potentially save a significant
|
||||
amount of time compared to re-triggering all devices in the system and e.g. can be used to
|
||||
optimize boot time. However, this is not safe to be used in a boot sequence in general.
|
||||
Especially, when udev rules for a device depend on its parent devices (e.g.
|
||||
<literal>ATTRS</literal> or <literal>IMPORT{parent}</literal> keys, see
|
||||
<citerefentry><refentrytitle>udev</refentrytitle><manvolnum>7</manvolnum></citerefentry>
|
||||
for more details), the final state of the device becomes easily unstable with this option.
|
||||
</para>
|
||||
</warning>
|
||||
|
||||
<xi:include href="version-info.xml" xpointer="v251"/>
|
||||
</listitem>
|
||||
|
|
|
@ -150,10 +150,11 @@ This is based on crypttab(5).
|
|||
<term><option>ignore-zero-blocks</option></term>
|
||||
|
||||
<listitem><para>Instruct kernel to not verify blocks that are expected to contain zeroes and always directly
|
||||
return zeroes instead.
|
||||
return zeroes instead.</para>
|
||||
|
||||
WARNING: Use this option only in very specific cases. This option is available since Linux kernel version 4.5.
|
||||
</para>
|
||||
<warning>
|
||||
<para>Use this option only in very specific cases. This option is available since Linux kernel version 4.5.</para>
|
||||
</warning>
|
||||
|
||||
<xi:include href="version-info.xml" xpointer="v248"/></listitem>
|
||||
</varlistentry>
|
||||
|
@ -162,11 +163,12 @@ This is based on crypttab(5).
|
|||
<term><option>check-at-most-once</option></term>
|
||||
|
||||
<listitem><para>Instruct kernel to verify blocks only the first time they are read from the data device, rather
|
||||
than every time.
|
||||
than every time.</para>
|
||||
|
||||
WARNING: It provides a reduced level of security because only offline tampering of the data device's content
|
||||
will be detected, not online tampering. This option is available since Linux kernel version 4.17.
|
||||
</para>
|
||||
<warning>
|
||||
<para>It provides a reduced level of security because only offline tampering of the data device's content
|
||||
will be detected, not online tampering. This option is available since Linux kernel version 4.17.</para>
|
||||
</warning>
|
||||
|
||||
<xi:include href="version-info.xml" xpointer="v248"/></listitem>
|
||||
</varlistentry>
|
||||
|
|
Loading…
Reference in a new issue