commit b0fe68c13b04af8c098d53ea999bba6b7395163d parent 997b02adcc8384906339ea81ece5ba7244f3ef60 Author: Laurent Bercot <ska-skaware@skarnet.org> Date: Wed, 16 Sep 2020 12:04:55 +0000 Documentation fixes, by flexibeast Diffstat:
43 files changed, 147 insertions(+), 145 deletions(-)
diff --git a/doc/ftrig.html b/doc/ftrig.html @@ -73,7 +73,7 @@ it's not handling an event, and only wake up when needed. Of course, the problem of notification is that it's often more difficult to implement. Notification frameworks are generally more complex, involving lots of asynchronism; polling is widely used -<a href="http://lib.store.yahoo.net/lib/demotivators/mediocritydemotivationalposter.jpg">because +<a href="https://lib.store.yahoo.net/lib/demotivators/mediocritydemotivationalposter.jpg">because it's easy.</a> </p> @@ -86,11 +86,11 @@ notify process A. <ul> <li> Signals. The simplest Unix notification mechanism. Sending events amounts -to a <a href="http://pubs.opengroup.org/onlinepubs/9699919799/functions/kill.html">kill()</a> -call, and receiving events amounts to installing a signal handler (preferrably +to a <a href="https://pubs.opengroup.org/onlinepubs/9699919799/functions/kill.html">kill()</a> +call, and receiving events amounts to installing a signal handler (preferably using a <a href="//skarnet.org/software/skalibs/libstddjb/selfpipe.html">self-pipe</a> if mixing signals with an event loop). Unfortunately, Unix signals, even the more -recent and powerful real-time Posix signals, have important limitations when it's +recent and powerful real-time POSIX signals, have important limitations when it's about generic notification: <ul> <li> non-root processes can only send signals to a very restricted and diff --git a/doc/index.html b/doc/index.html @@ -22,7 +22,7 @@ <p> s6 is a small suite of programs for UNIX, designed to allow process supervision (a.k.a service supervision), -in the line of <a href="http://cr.yp.to/daemontools.html">daemontools</a> +in the line of <a href="https://cr.yp.to/daemontools.html">daemontools</a> and <a href="http://smarden.org/runit/">runit</a>, as well as various operations on processes and daemons. It is meant to be a toolbox for low-level process and service administration, providing different sets of @@ -37,15 +37,15 @@ provided by s6 - besides process supervision: </p> <ul> - <li> <a href="http://en.wikipedia.org/wiki/Syslog">syslogd</a> functionality, + <li> <a href="https://en.wikipedia.org/wiki/Syslog">syslogd</a> functionality, using much less resources than the traditional syslogd. </li> <li> Reliable service readiness notification, which is the basis for service dependency management. </li> <li> Controlled privileged gain as with -<a href="http://en.wikipedia.org/wiki/Sudo">sudo</a>, without using +<a href="https://en.wikipedia.org/wiki/Sudo">sudo</a>, without using any suid programs. </li> <li> The useful parts of -<a href="http://0pointer.de/blog/projects/socket-activation.html">socket +<a href="https://0pointer.de/blog/projects/socket-activation.html">socket activation</a><sup><a href="#fn1" id="r1">[1]</a></sup> without having to change application code or link servers against any specific library, and without having to switch to any @@ -67,7 +67,7 @@ supervision that might help you understand the basics. <li> <a href="why.html">Why another supervision suite?</a> Isn't <a href="http://smarden.org/runit/">runit</a> good enough?</li> <li> What is <a href="ftrig.html">instant notification</a>? What does the <a href="libs6/ftrigr.html">ftrigr library</a> do exactly?</li> -<li> How to run a s6-svscan-based supervision tree <a href="s6-svscan-not-1.html">without replacing init</a> </li> +<li> How to run an s6-svscan-based supervision tree <a href="s6-svscan-not-1.html">without replacing init</a> </li> <li> How to <a href="s6-svscan-1.html">replace init</a> </li> <li> How to perform <a href="socket-activation.html">socket activation with s6</a> </li> @@ -97,7 +97,7 @@ certain binaries that spawn scripts interpreted with <p> s6 is free software. It is available under the -<a href="http://opensource.org/licenses/ISC">ISC license</a>. +<a href="https://opensource.org/licenses/ISC">ISC license</a>. </p> <h3> Download </h3> @@ -168,7 +168,7 @@ a user interface to control those processes and monitor service states. <p> These programs are a rewrite of the corresponding utilities from -<a href="http://cr.yp.to/daemontools.html">daemontools</a>, with +<a href="https://cr.yp.to/daemontools.html">daemontools</a>, with a few extras. </p> @@ -304,7 +304,7 @@ Linux system with s6-svscan as process 1. </li> is a project that automates integration of s6 into Docker images. </li> <li> <a href="//skarnet.org/software/s6-rc/">s6-rc</a> is a dependency-based service manager for s6. </li> - <li> <a href="http://jjacky.com/anopa">anopa</a> is another dependency-based + <li> <a href="https://jjacky.com/anopa">anopa</a> is another dependency-based service manager for s6. </li> </ul> @@ -321,9 +321,9 @@ and answer questions. </li> <h3> Similar work </h3> <ul> - <li> <a href="http://cr.yp.to/daemontools.html">daemontools</a>, the pioneering + <li> <a href="https://cr.yp.to/daemontools.html">daemontools</a>, the pioneering process supervision software suite. </li> - <li> <a href="http://untroubled.org/daemontools-encore/">daemontools-encore</a>, + <li> <a href="https://untroubled.org/daemontools-encore/">daemontools-encore</a>, a derived work from daemontools with enhancements. (Note that although s6 follows the same naming scheme, the same general design, and many of the same architecture choices as daemontools, it is still original work, sharing no code at all with @@ -341,24 +341,24 @@ different way than the previous items on this list. </li> <h3> Other init systems </h3> <ul> - <li> Felix von Leitner's <a href="http://www.fefe.de/minit/">minit</a> is an + <li> Felix von Leitner's <a href="https://www.fefe.de/minit/">minit</a> is an init system for Linux, with process supervision capabilities. </li> - <li> <a href="http://git.suckless.org/sinit">suckless init</a> is + <li> <a href="https://git.suckless.org/sinit">suckless init</a> is considered by many as the smallest possible init. I disagree: suckless init is incorrect, because it has no supervision capabilities, and thus, killing all processes but init can brick the machine. Nevertheless, suckless init, like many other suckless projects, is a neat exercise in minimalism. </li> - <li> <a href="http://freshmeat.net/projects/sysvinit/">sysvinit</a> is the + <li> <a href="https://nongnu.org/sysvinit/">sysvinit</a> is the traditional init system for Linux. </li> - <li> <a href="http://upstart.ubuntu.com/">Upstart</a> is a well-known init system + <li> <a href="https://upstart.ubuntu.com/">Upstart</a> is a well-known init system for Linux, with complete service management, that comes with the Ubuntu distribution. It includes a coffee machine and the kitchen sink.</li> <li> <a href="//skarnet.org/software/systemd.html">systemd</a> is a problem in its own category. </li> <li> The various BSD flavors have their own style of -<a href="http://www.freebsd.org/doc/handbook/boot-init.html">init</a>. </li> +<a href="https://www.freebsd.org/doc/handbook/boot-init.html">init</a>. </li> <li> MacOS X has its own init spaghetti monster called -<a href="http://en.wikipedia.org/wiki/Launchd">launchd</a>. </li> +<a href="https://en.wikipedia.org/wiki/Launchd">launchd</a>. </li> </ul> <p> diff --git a/doc/libs6/accessrules.html b/doc/libs6/accessrules.html @@ -88,7 +88,7 @@ under, in the format understood by <a href="../s6-accessrules-cdb-from-fs.html">s6-accessrules-cdb-from-fs</a>. </li> <li> <tt>s6_accessrules_backend_cdb</tt> takes a <tt>struct cdb *</tt> <em>handle</em> and looks up <em>key</em> in the -<a href="http://cr.yp.to/cdb.html">CDB</a> it points to. <em>handle</em> must +<a href="https://cr.yp.to/cdb.html">CDB</a> it points to. <em>handle</em> must already be mapped to a CDB file. Such a file can be built with the <a href="../s6-accessrules-cdb-from-fs.html">s6-accessrules-cdb-from-fs</a> utility. </li> @@ -143,7 +143,7 @@ starting with <em>key</em> itself and ending with <em>key</em>'s TLD, it looks up <tt>reversedns/<em>k</em></tt>. The final dot is excluded from <em>k</em>. If no match can be found, the function checks <tt>reversedns/@</tt> and returns the result. For instance, if <em>key</em> is "foo.bar.com", -the following strings are looked up, in that order: +the following strings are looked up, in this order: <ul> <li> reversedns/foo.bar.com </li> <li> reversedns/bar.com </li> @@ -158,7 +158,7 @@ netmask <em>mask</em> from 32 to 0, it constructs the IPv4 network prefix <em>addr</em> corresponding to that address, and looks up <tt>ip4/<em>addr</em>_<em>mask</em></tt>. For instance, if <em>key</em> is "\300\250\001\007", representing the 192.168.1.7 address, the following -strings are looked up, in that order: +strings are looked up, in this order: <ul> <li> ip4/192.168.1.7_32 </li> <li> ip4/192.168.1.6_31 </li> @@ -187,7 +187,7 @@ and looks up <tt>ip6/<em>addr</em>_<em>mask</em></tt>. For instance, if <em>key</em> is "*\0\024P@\002\b\003\0\0\0\0\0\0\020\006", representing the 2a00:1450:4002:803::1006 address, the following -strings are looked up, in that order: +strings are looked up, in this order: <ul> <li> ip6/2a00:1450:4002:803::1006_128 </li> <li> ip6/2a00:1450:4002:803::1006_127 </li> diff --git a/doc/libs6/ftrigr.html b/doc/libs6/ftrigr.html @@ -45,7 +45,7 @@ simply ignoring pids you don't know. <p> If your application has trouble handling unknown -children, consider using a ftrigrd service. (And fix your application!) +children, consider using an ftrigrd service. (And fix your application!) </p> <h3> A programming example </h3> @@ -112,11 +112,11 @@ ftrigr_startf(&a, &deadline, &stamp) ; </pre> <p> -<tt>ftrigr_start</tt> starts a session with a ftrigrd service listening on +<tt>ftrigr_start</tt> starts a session with an ftrigrd service listening on <em>path</em>. <br /> -<tt>ftrigr_startf</tt> starts a session with a ftrigrd process as a child +<tt>ftrigr_startf</tt> starts a session with an ftrigrd process as a child (which is the simplest usage). <br /> -<tt>a</tt> is a ftrigr_t structure that must be declared in the stack and +<tt>a</tt> is an ftrigr_t structure that must be declared in the stack and initialized to FTRIGR_ZERO. <tt>stamp</tt> must be an accurate enough timestamp. <br /> If the session initialization fails, the function returns 0 and errno is set; diff --git a/doc/libs6/s6-fdholder.html b/doc/libs6/s6-fdholder.html @@ -72,7 +72,7 @@ s6_fdholder_free(&a) ; <p> <tt>s6_fdholder_init</tt> assumes that <em>fd</em> is a socket already -connected to a s6-fdholderd daemon. The <em>a</em> structure must be +connected to an s6-fdholderd daemon. The <em>a</em> structure must be initialized to <tt>S6_FDHOLDER_ZERO</tt> before use. </p> diff --git a/doc/libs6/s6-ftrigrd.html b/doc/libs6/s6-ftrigrd.html @@ -39,10 +39,10 @@ stdout is a pipe writing to the client; its stderr is the same as the client's; there's an additional pipe from s6-ftrigrd to the client, used for asynchronous notifications. </li> <li> If the client program uses <tt>ftrigr_start()</tt>, then it tries to connect -to a Unix domain socket. A ftrigrd <a href="../localservice.html">local service</a> should be listening to that -socket, i.e. a Unix domain superserver such as +to a Unix domain socket. An ftrigrd <a href="../localservice.html">local service</a> should be listening to that +socket, i.e. a Unix domain super-server such as <a href="s6-ipcserver.html">s6-ipcserver</a> -spawning a s6-ftrigrd program on every connection. Then a s6-ftrigrd instance is created +spawning an s6-ftrigrd program on every connection. Then an s6-ftrigrd instance is created for the client. </li> <li> When the client uses <tt>ftrigr_end()</tt>, or closes s6-ftrigrd's stdin in any way, s6-ftrigrd exits 0. </li> @@ -71,7 +71,7 @@ to read them. To avoid uncontrolled growth, make sure your client calls </p> <p> - A s6-ftrigrd instance can only handle up to FTRIGRD_MAX (defined in <tt>s6/ftrigr.h</tt>) + An s6-ftrigrd instance can only handle up to FTRIGRD_MAX (defined in <tt>s6/ftrigr.h</tt>) subscriptions at once. By default, this number is 1000, which is more than enough for any reasonable system. </p> diff --git a/doc/libs6/s6lock.html b/doc/libs6/s6lock.html @@ -40,7 +40,7 @@ options are usually available. </li> <a href="../localservice.html">s6lockd service</a> concurrently accessed by several applications using such locks to gate shared resources. </li> - <li> If you're not using a s6lockd service, + <li> If you're not using an s6lockd service, make sure your application is not disturbed by children it doesn't know it has. Using nonblocking waits, ignoring pids you don't know, and using a @@ -65,13 +65,13 @@ s6lock_start_g(&a, path, &deadline) ; </pre> <p> -<tt>s6lock_start_g</tt> starts a session by connecting to a s6lockd service +<tt>s6lock_start_g</tt> starts a session by connecting to an s6lockd service listening on <em>path</em>. The working directory is set by the administrator of the service. <br /> -<tt>s6lock_startf_g</tt> starts a session with a s6lockd process as a child, +<tt>s6lock_startf_g</tt> starts a session with an s6lockd process as a child, using <em>lockdir</em> as its working directory. <br /> -<tt>a</tt> is a s6lock_t structure that must be declared in the stack and +<tt>a</tt> is an s6lock_t structure that must be declared in the stack and initialized to S6LOCK_ZERO. If the session initialization fails, the function returns 0 and errno is set; else the function returns 1. diff --git a/doc/libs6/s6lockd.html b/doc/libs6/s6lockd.html @@ -39,11 +39,11 @@ user: it will be spawned by the <ol> <li> Use the <tt>s6lock_startf()</tt> library call. -A <tt>s6lockd</tt> child will then be spawned from your +An <tt>s6lockd</tt> child will then be spawned from your calling process, and automatically reaped when you call <tt>s6lock_end()</tt>. It requires care with applications that trap SIGCHLD. It also requires care with lock file permissions: -a s6lockd instance might not be able +an s6lockd instance might not be able to open a lock file created by a former instance run by another client with different permissions. </li> <li> Use the <tt>s6lock_start()</tt> library call, together with a @@ -56,10 +56,10 @@ simplifies permissions management considerably. </li> <p> When run as a service, s6lockd has no "standalone" mode: it is designed to work with a Unix -domain superserver, like +domain super-server, like <a href="../s6-ipcserver.html">s6-ipcserver</a>. -s6lockd follows the <a href="http://cr.yp.to/proto/ucspi.txt">UCSPI</a> -interface, it can be directly executed from the superserver. +s6lockd follows the <a href="https://cr.yp.to/proto/ucspi.txt">UCSPI</a> +interface, it can be directly executed from the super-server. </p> <h2> Notes </h2> @@ -67,7 +67,7 @@ interface, it can be directly executed from the superserver. <ul> <li> Unix does not natively provide a way to stop blocking on a lock acquisition after a timeout. To emulate such behaviour, s6lockd actually -spawns a <a href="s6lockd-helper.html">s6lockd-helper</a> child per +spawns an <a href="s6lockd-helper.html">s6lockd-helper</a> child per requested lock. </li> </ul> diff --git a/doc/localservice.html b/doc/localservice.html @@ -96,7 +96,7 @@ socket <em>and</em> a pipe between the client and the server. <h2> UCSPI </h2> <p> - The <a href="http://cr.yp.to/proto/ucspi.txt">UCSPI</a> protocol + The <a href="https://cr.yp.to/proto/ucspi.txt">UCSPI</a> protocol is an easy way of abstracting clients and servers from the network. A server written as a UCSPI server, just as it can be run under inetd or diff --git a/doc/overview.html b/doc/overview.html @@ -28,7 +28,7 @@ description of the different parts of s6. <p> At its core, s6 is a <em>process supervision suite</em>, like its ancestor -<a href="http://cr.yp.to/daemontools.html">daemontools</a> and its +<a href="https://cr.yp.to/daemontools.html">daemontools</a> and its close cousin <a href="http://smarden.org/runit/">runit</a>. </p> @@ -288,7 +288,7 @@ sometimes, they are daemons themselves, designed to be supervised. <p> s6, like other <a href="//skarnet.org/software/">skarnet.org software</a>, makes heavy use of -<a href="http://en.wikipedia.org/wiki/Chain_loading#Chain_loading_in_Unix">chain +<a href="https://en.wikipedia.org/wiki/Chain_loading#Chain_loading_in_Unix">chain loading</a>, also known as "Bernstein chaining": a lot of s6 tools will perform some action that changes the process state, then execute into the rest of their command line. This allows the user to change the process state @@ -461,7 +461,7 @@ descriptors. </li> <p> Note that "socket activation", one of the main advertised benefits of the -<a href="http://www.freedesktop.org/wiki/Software/systemd/">systemd</a> +<a href="https://www.freedesktop.org/wiki/Software/systemd/">systemd</a> init system, sounds similar to fd-holding. The reality is that socket activation is a mixture of several different mechanisms, one of which is fd-holding; s6 allows you to implement the diff --git a/doc/s6-accessrules-cdb-from-fs.html b/doc/s6-accessrules-cdb-from-fs.html @@ -23,7 +23,7 @@ containing a ruleset suitable for <a href="s6-ipcserver-access.html">s6-ipcserver-access</a> or <a href="//skarnet.org/software/s6-networking/s6-tcpserver-access.html">s6-tcpserver-access</a> into a -<a href="http://en.wikipedia.org/wiki/Cdb_(software)">CDB file</a>. +<a href="https://en.wikipedia.org/wiki/Cdb_(software)">CDB file</a>. </p> <h2> Interface </h2> @@ -35,7 +35,7 @@ containing a ruleset suitable for <ul> <li> s6-accessrules-cdb-from-fs compiles the <em>dir</em> directory containing a ruleset into a -<a href="http://en.wikipedia.org/wiki/Cdb_(software)">CDB file</a> +<a href="https://en.wikipedia.org/wiki/Cdb_(software)">CDB file</a> <em>cdbfile</em> then exits 0. </li> </ul> diff --git a/doc/s6-accessrules-fs-from-cdb.html b/doc/s6-accessrules-fs-from-cdb.html @@ -35,7 +35,7 @@ that has been compiled with <ul> <li> s6-accessrules-fs-from-cdb decompiles the -<a href="http://en.wikipedia.org/wiki/Cdb_(software)">CDB file</a> +<a href="https://en.wikipedia.org/wiki/Cdb_(software)">CDB file</a> <em>cdbfile</em> into the directory <em>dir</em>, then exits 0. </li> </ul> diff --git a/doc/s6-connlimit.html b/doc/s6-connlimit.html @@ -47,8 +47,8 @@ no maximum number of connections has been defined. </li> <p> The <a href="//skarnet.org/software/s6-networking/s6-tcpserver4.html">s6-tcpserver4</a> and -<a href="//skarnet.org/software/s6-networking/s6-tcpserver6.html">s6-tcpserver6</a> define the PROTO environment -variable to "TCP", and spawn every child server with the TCPCONNNUM environment +<a href="//skarnet.org/software/s6-networking/s6-tcpserver6.html">s6-tcpserver6</a> programs +define the PROTO environment variable to "TCP", and spawn every child server with the TCPCONNNUM environment variable set to the number of connections from the same IP address. The <a href="//skarnet.org/software/s6-networking/s6-tcpserver-access.html">s6-tcpserver-access</a> program can set environment variables depending on the client's IP address. If the diff --git a/doc/s6-envdir.html b/doc/s6-envdir.html @@ -60,7 +60,7 @@ first character of <em>nullis</em> instead of a newline. </li> <p> s6-envdir without options behaves exactly like -<a href="http://cr.yp.to/daemontools/envdir.html">envdir</a>. +<a href="https://cr.yp.to/daemontools/envdir.html">envdir</a>. </p> </body> diff --git a/doc/s6-envuidgid.html b/doc/s6-envuidgid.html @@ -54,7 +54,7 @@ to its numerical value, and the UID and GIDLIST variables will not be touched. < interpreted as <em>user<tt>:</tt>group</em>. The GIDLIST variable will not be touched. If <em>user</em> does not exist, the UID variable will be set to 0 unless a better default is provided with the <tt>-D</tt> option. -if <em>group</em> does not exist, the GID variable will be set to 0 unless a +If <em>group</em> does not exist, the GID variable will be set to 0 unless a better default is provided with the <tt>-D</tt> option. </li> <li> <tt>-n</tt> : numerical fallback. If <em>account</em> cannot be found in the user or group database, try to interpret the given values literally. @@ -65,19 +65,19 @@ will set UID to 0 and GID to 42. </li> an error message. This is the default. </li> <li> <tt>-D <em>uid</em>:<em>gid</em>:<em>gidlist</em></tt> : if <em>account</em> is unknown, use <em>uid</em>, <em>gid</em> and <em>gidlist</em> as the values for -UID and GID and GIDLIST. </li> +UID, GID and GIDLIST. </li> </ul> <h2> Notes </h2> <ul> <li> s6-envuidgid without options behaves like -<a href="http://cr.yp.to/daemontools/envuidgid.html">envuidgid</a>, except that +<a href="https://cr.yp.to/daemontools/envuidgid.html">envuidgid</a>, except that the exit code is 1 if <em>account</em> doesn't exist, and it also exports supplementary groups. </li> <li> s6-envuidgid is useful when running a program that must start as root but can drop its privileges later. Such a program can read its new uid/gid/groups info -from the UID, GID and GIDLIST environment variables. Superservers such as +from the UID, GID and GIDLIST environment variables. Super-servers such as <a href="//skarnet.org/software/s6-networking/s6-tcpserver4.html">s6-tcpserver4</a> make use of this. </li> </ul> diff --git a/doc/s6-fdholder-daemon.html b/doc/s6-fdholder-daemon.html @@ -69,7 +69,7 @@ verbose, or more verbose, depending on if <em>verbosity</em> is 0, 1, or more. The default is 1. </li> <li> <tt>-d</tt> : allow instant rebinding to the same path even if it has been used not long ago - this is the SO_REUSEADDR flag to -<a href="http://pubs.opengroup.org/onlinepubs/9699919799/functions/setsockopt.html">setsockopt()</a> +<a href="https://pubs.opengroup.org/onlinepubs/9699919799/functions/setsockopt.html">setsockopt()</a> and is generally used with server programs. This is the default. Note that <em>path</em> will be deleted if it already exists at program start time. </li> <li> <tt>-D</tt> : disallow instant rebinding to the same path. </li> @@ -87,7 +87,7 @@ be opened by the s6-fdholder-daemon process minus a few descriptors needed for correct <a href="s6-fdholderd.html">s6-fdholderd</a> operation. Before running s6-fdholder-daemon, make sure to <a href="s6-softlimit.html">properly adjust</a> the -<a href="http://pubs.opengroup.org/onlinepubs/9699919799/basedefs/sys_resource.h.html">number +<a href="https://pubs.opengroup.org/onlinepubs/9699919799/basedefs/sys_resource.h.html">number of openable files</a> of the current process. </li> <li> <tt>-b <em>backlog</em></tt> : set a maximum of <em>backlog</em> backlog connections on the socket. Extra @@ -137,7 +137,7 @@ of s6-fdholderd applies to s6-fdholder-daemon as well; in particular, make sure to properly <a href="s6-fdholderd.html#configuration">configure the clients' access rights</a>. </li> - <li> s6-fdholder-daemon is meant to be used in a s6 run script, as + <li> s6-fdholder-daemon is meant to be used in an s6 run script, as a supervised local service. It does not fork itself or write to syslog. However, it can be run under any infrastructure, including other supervision infrastructures, OpenRC, systemd, or SysV scripts. </li> diff --git a/doc/s6-fdholder-delete.html b/doc/s6-fdholder-delete.html @@ -56,7 +56,7 @@ wrong socket, for instance). </li> <li> 1: the server denied the operation. The meaning of the error messages is explained <a href="s6-fdholder-errorcodes.html">here</a>. </li> <li> 100: wrong usage. </li> - <li> 111: system call failed - that includes attempting to connect to a + <li> 111: system call failed - this includes attempting to connect to a nonexistent socket, or one where no <a href="s6-fdholderd.html">s6-fdholderd</a> daemon is listening. </li> </ul> @@ -68,7 +68,7 @@ daemon is listening. </li> </pre> <p> -will tell a s6-fdholderd daemon listening on the +will tell an s6-fdholderd daemon listening on the <tt>/service/fdholderd/s</tt> socket to close the file descriptor dentified as MYSOCKET. </p> diff --git a/doc/s6-fdholder-errorcodes.html b/doc/s6-fdholder-errorcodes.html @@ -20,7 +20,7 @@ <p> The following error messages (and corresponding -<a href="http://pubs.opengroup.org/onlinepubs/9699919799/basedefs/errno.h.html">errno codes</a>) +<a href="https://pubs.opengroup.org/onlinepubs/9699919799/basedefs/errno.h.html">errno codes</a>) can be returned by the <a href="s6-fdholderd.html">s6-fdholderd</a> daemon to its various clients. This page explains why they occur. @@ -32,7 +32,7 @@ for socket</tt> (EPROTOTYPE): the client connected to the wrong kind of server and they cannot communicate. This is generally a programming error. It can also signal a bug in the s6-fdholder tools, but protocol bugs have -usually been wiped out before a s6 release. </li> +usually been wiped out before an s6 release. </li> <li> <tt>Broken pipe</tt> (EPIPE): the client was not authorized to connect to the server, which closed the connection. You need to <a href="s6-fdholderd.html#configuration">configure the access @@ -47,7 +47,7 @@ attempted to store more file descriptors than the server can hold. Or, the client attempted to retrieve more file descriptors than it can hold. You should check the <tt>-n</tt> option to <a href="s6-fdholderd.html">s6-fdholderd</a>, as well as the -<a href="http://pubs.opengroup.org/onlinepubs/9699919799/basedefs/sys_resource.h.html">RLIMIT_NOFILE</a> +<a href="https://pubs.opengroup.org/onlinepubs/9699919799/basedefs/sys_resource.h.html">RLIMIT_NOFILE</a> resource limits used by the client and the server, and adjust them accordingly. </li> <li> <tt>Resource busy</tt> (EBUSY): the client attempted to store diff --git a/doc/s6-fdholder-getdump.html b/doc/s6-fdholder-getdump.html @@ -38,7 +38,7 @@ environment. <a href="s6-fdholderd.html">s6-fdholderd</a> server process listening on <em>path</em>. </li> <li> It retrieves a copy of the whole set of file descriptors -stored in that daemon, including their identifiers and expiration dates. </li> +stored in this daemon, including their identifiers and expiration dates. </li> <li> It then executes into <em>prog...</em> with the additional open descriptors and the additional environment variables. </li> </ul> @@ -60,7 +60,7 @@ wrong socket, for instance). </li> <li> 1: the server denied the operation. The meaning of the error messages is explained <a href="s6-fdholder-errorcodes.html">here</a>. </li> <li> 100: wrong usage. </li> - <li> 111: system call failed - that includes attempting to connect to a + <li> 111: system call failed - this includes attempting to connect to a nonexistent socket, or one where no <a href="s6-fdholderd.html">s6-fdholderd</a> daemon is listening. </li> </ul> @@ -82,10 +82,10 @@ open file descriptor. </li> <li> <tt>S6_FDID_<em>i</em></tt> : contains the identifier of the <em>i</em>th open file descriptor. </li> <li> <tt>S6_FDLIMIT_<em>i</em></tt> : contains the expiration date of -the <em>i</em>th open file descriptor, if applicable. That date is stored in -<a href="http://cr.yp.to/libtai/tai64.html#tai64n">external TAI64N +the <em>i</em>th open file descriptor, if applicable. This date is stored in +<a href="https://cr.yp.to/libtai/tai64.html#tai64n">external TAI64N format</a>.<br /> -If the file descriptor is not supposed to expire, that environment variable +If the file descriptor is not supposed to expire, this environment variable is not defined. </li> </ul> </li> </ul> @@ -107,7 +107,7 @@ program does the same thing more efficiently. <h2> Notes </h2> <ul> - <li> Getting the whole state of a s6-fdholderd daemon requires specific + <li> Getting the whole state of an s6-fdholderd daemon requires specific privileges. Make sure you properly <a href="s6-fdholderd.html#configuration">configure the s6-fdholderd access rights</a> so your client can perform that operation. </li> diff --git a/doc/s6-fdholder-list.html b/doc/s6-fdholder-list.html @@ -34,7 +34,7 @@ <a href="s6-fdholderd.html">s6-fdholderd</a> server process listening on <em>path</em>. </li> <li> It gets the list of identifiers corresponding to the currently held -file descriptors. It prints that list to stdout, one per line. </li> +file descriptors. It prints this list to stdout, one per line. </li> </ul> <h2> Options </h2> @@ -54,7 +54,7 @@ wrong socket, for instance). </li> <li> 1: the server denied the operation. The meaning of the error messages is explained <a href="s6-fdholder-errorcodes.html">here</a>. </li> <li> 100: wrong usage. </li> - <li> 111: system call failed - that includes attempting to connect to a + <li> 111: system call failed - this includes attempting to connect to a nonexistent socket, or one where no <a href="s6-fdholderd.html">s6-fdholderd</a> daemon is listening. </li> </ul> diff --git a/doc/s6-fdholder-retrieve.html b/doc/s6-fdholder-retrieve.html @@ -21,8 +21,8 @@ <p> <tt>s6-fdholder-retrieve</tt> connects to a <a href="s6-fdholderd.html">fd-holding daemon</a> listening on a -Unix domain socket, and retrieves a file descriptor from that -daemon, then executes a program with that file descriptor as the +Unix domain socket, and retrieves a file descriptor from this +daemon, then executes a program with this file descriptor as the program's standard input. </p> @@ -63,7 +63,7 @@ wrong socket, for instance). </li> <li> 1: the server denied the operation. The meaning of the error messages is explained <a href="s6-fdholder-errorcodes.html">here</a>. </li> <li> 100: wrong usage. </li> - <li> 111: system call failed - that includes attempting to connect to a + <li> 111: system call failed - this includes attempting to connect to a nonexistent socket, or one where no <a href="s6-fdholderd.html">s6-fdholderd</a> daemon is listening. </li> </ul> @@ -77,7 +77,7 @@ daemon is listening. </li> <p> will retrieve a file descriptor stored under the MYSOCKET identifier in the s6-fdholderd daemon listening on the <tt>/service/fdholderd/s</tt> -socket, and execute into <tt>s6-ipcserverd cat</tt> with that file +socket, and execute into <tt>s6-ipcserverd cat</tt> with this file descriptor as stdin. In this case, if MYSOCKET referred to a Unix domain socket, <a href="s6-ipcserverd.html">s6-ipcserverd</a> will then accept client connections on it and spawn a <tt>cat</tt> program for every diff --git a/doc/s6-fdholder-setdump.html b/doc/s6-fdholder-setdump.html @@ -56,7 +56,7 @@ wrong socket, for instance). </li> <li> 1: the server denied the operation. The meaning of the error messages is explained <a href="s6-fdholder-errorcodes.html">here</a>. </li> <li> 100: wrong usage. </li> - <li> 111: system call failed - that includes attempting to connect to a + <li> 111: system call failed - this includes attempting to connect to a nonexistent socket, or one where no <a href="s6-fdholderd.html">s6-fdholderd</a> daemon is listening. </li> </ul> @@ -69,7 +69,7 @@ already open in the <tt>s6-fdholder-setdump</tt> program; also, <tt>s6-fdholder- should have certain environment variables that describe that set of file descriptors. The format of the environment is the same as the one set by <a href="s6-fdholder-getdump.html">s6-fdholder-getdump</a>. </li> - <li> Setting the whole state of a s6-fdholderd daemon requires specific + <li> Setting the whole state of an s6-fdholderd daemon requires specific privileges. Make sure you properly <a href="s6-fdholderd.html#configuration">configure the s6-fdholderd access rights</a> so your client can perform that operation. </li> diff --git a/doc/s6-fdholder-store.html b/doc/s6-fdholder-store.html @@ -47,7 +47,7 @@ By default, <em>fd</em> is 0 (i.e. the program's stdin will be stored). </li> <li> <tt>-T <em>fdtimeout</em></tt> : the descriptor is stored with an expiration time of <em>fdtimeout</em> milliseconds, which means the <a href="s6-fdholderd.html">s6-fdholderd</a> daemon will close and get rid of -the descriptor after that time. By default, <em>fdtimeout</em> is 0, which +the descriptor after this time. By default, <em>fdtimeout</em> is 0, which means infinite - no expiration time. </li> <li> <tt>-t <em>timeout</em></tt> : if the operation cannot be processed in <em>timeout</em> milliseconds, then fail with an error message. @@ -63,7 +63,7 @@ wrong socket, for instance). </li> <li> 1: the server denied the operation. The meaning of the error messages is explained <a href="s6-fdholder-errorcodes.html">here</a>. </li> <li> 100: wrong usage. </li> - <li> 111: system call failed - that includes attempting to connect to a + <li> 111: system call failed - this includes attempting to connect to a nonexistent socket, or one where no <a href="s6-fdholderd.html">s6-fdholderd</a> daemon is listening. </li> </ul> diff --git a/doc/s6-fdholder-transferdump.html b/doc/s6-fdholder-transferdump.html @@ -65,7 +65,7 @@ is explained <a href="s6-fdholder-errorcodes.html">here</a>. </li> <li> 2: the destination server denied the operation. The meaning of the error messages is explained <a href="s6-fdholder-errorcodes.html">here</a>. </li> <li> 100: wrong usage. </li> - <li> 111: system call failed - that includes attempting to connect to a + <li> 111: system call failed - this includes attempting to connect to a nonexistent socket, or one where no <a href="s6-fdholderd.html">s6-fdholderd</a> daemon is listening. </li> </ul> diff --git a/doc/s6-fdholderd.html b/doc/s6-fdholderd.html @@ -84,7 +84,7 @@ It is impossible to set it higher than the number of files that can be opened by the s6-fdholderd process, minus a few descriptors needed for correct operation. Before running s6-fdholderd, make sure to <a href="s6-softlimit.html">properly adjust</a> the -<a href="http://pubs.opengroup.org/onlinepubs/9699919799/basedefs/sys_resource.h.html">number +<a href="https://pubs.opengroup.org/onlinepubs/9699919799/basedefs/sys_resource.h.html">number of openable files</a> of the current process. </li> <li> <tt>-t <em>clienttimeout</em></tt> : disconnect a client if it's in the middle of an operation and it has not written or read any @@ -96,7 +96,7 @@ before exiting after receiving a SIGTERM. By default, <em>lameducktimeout</em> is 0, which means infinite. </li> <li> <tt>-x <em>rulesfile</em></tt> : read access rights configuration from -<a href="http://en.wikipedia.org/wiki/Cdb_%28software%29">CDB</a> +<a href="https://en.wikipedia.org/wiki/Cdb_%28software%29">CDB</a> file <em>rulesfile</em>. </li> <li> <tt>-i <em>rulesdir</em></tt> : read access rights configuration from the filesystem in directory <em>rulesdir</em>. </li> @@ -148,7 +148,7 @@ it is possible to reuse the same identifier. </li> <a href="s6-fdholder-daemon.html">s6-fdholder-daemon</a>), it is necessary to configure it. This is done by a series of rules, or <em>ruleset</em>, stored in either a <em>rulesfile</em> in the -<a href="http://en.wikipedia.org/wiki/Cdb_%28software%29">CDB</a> format, +<a href="https://en.wikipedia.org/wiki/Cdb_%28software%29">CDB</a> format, or in a <em>rulesdir</em>, i.e. a directory in the filesystem following a certain format. s6-fdholderd will refuse to run if neither the <tt>-i</tt> nor the <tt>-x</tt> option has been provided. @@ -210,8 +210,8 @@ file named <tt>S6_FDHOLDER_STORE_REGEX</tt> is found is the <tt>env/</tt> subdirectory of one of the subdirectories checked by <a href="libs6/accessrules.html#uidgid">s6_accessrules_keycheck_uidgid</a>. This file should contain a single line, which will be interpreted as an -<a href="http://pubs.opengroup.org/onlinepubs/9699919799/basedefs/V1_chap09.html#tag_09_04">extended -regular expression</a> by s6-fdholderd; the regular expression describes the +<a href="https://pubs.opengroup.org/onlinepubs/9699919799/basedefs/V1_chap09.html#tag_09_04">Extended +Regular Expression</a> by s6-fdholderd; the regular expression describes the set of identifiers that the client is allowed to use to store file descriptors. For instance, <tt>^unix:/tmp/</tt> indicates that a client that matches this rule will be allowed to store or delete file descriptors @@ -222,8 +222,8 @@ file named <tt>S6_FDHOLDER_RETRIEVE_REGEX</tt> is found is the <tt>env/</tt> subdirectory of one of the subdirectories checked by <a href="libs6/accessrules.html#uidgid">s6_accessrules_keycheck_uidgid</a>. This file should contain a single line, which will be interpreted as an -<a href="http://pubs.opengroup.org/onlinepubs/9699919799/basedefs/V1_chap09.html#tag_09_04">extended -regular expression</a> by s6-fdholderd; the regular expression describes the +<a href="https://pubs.opengroup.org/onlinepubs/9699919799/basedefs/V1_chap09.html#tag_09_04">Extended +Regular Expression</a> by s6-fdholderd; the regular expression describes the set of identifiers that the client is allowed to use to retrieve file descriptors. For instance, <tt>^unix:/tmp/</tt> indicates that a client that matches this rule will be allowed to retrieve file descriptors that are @@ -253,7 +253,7 @@ to a dedicated uid that is only used to perform dump transfers. </li> <h3> Configuration examples </h3> <p> - Assuming you want to run a s6-fdholderd daemon in the + Assuming you want to run an s6-fdholderd daemon in the <tt>/service/fdholder</tt> directory with the <tt>-i rules</tt> option, you should: </p> diff --git a/doc/s6-ftrig-listen.html b/doc/s6-ftrig-listen.html @@ -40,8 +40,8 @@ to <em>fifodir2</em> with the regexp <em>regexp2</em>, and so on. </li> <li> It then forks and exec <em>prog...</em> with all its arguments </li> <li> It waits for the series of events received on <em>fifodir-i</em> to match <em>regexp-i</em>, The <em>regexp-i</em> must be -<a href="http://pubs.opengroup.org/onlinepubs/9699919799/basedefs/V1_chap09.html#tag_09_04">extended -regular expressions</a>. </li> +<a href="https://pubs.opengroup.org/onlinepubs/9699919799/basedefs/V1_chap09.html#tag_09_04">Extended +Regular Expressions</a>. </li> <li> When the series of read events matches the <em>regexp</em>s, s6-ftrig-listen exits 0. </li> </ul> diff --git a/doc/s6-ftrig-listen1.html b/doc/s6-ftrig-listen1.html @@ -40,8 +40,8 @@ started <em>after</em> there is a listener for those events. <li> It then forks and exec <em>prog...</em> with all its arguments </li> <li> It waits for the series of events received on <em>fifodir</em> to match <em>regexp</em>. <em>regexp</em> must be an -<a href="http://pubs.opengroup.org/onlinepubs/9699919799/basedefs/V1_chap09.html#tag_09_04">extended -regular expression</a>. </li> +<a href="https://pubs.opengroup.org/onlinepubs/9699919799/basedefs/V1_chap09.html#tag_09_04">Extended +Regular Expression</a>. </li> <li> When the series of read events matches <em>regexp</em>, s6-ftrig-listen1 prints the last event it received (one byte) to stdout, then exits 0. </li> diff --git a/doc/s6-ftrig-wait.html b/doc/s6-ftrig-wait.html @@ -33,8 +33,8 @@ waits for a pattern of events to occur on this fifodir. <li> s6-ftrig-wait subscribes to <em>fifodir</em> </li> <li> It waits for the series of events received on <em>fifodir</em> to match <em>regexp</em>. <em>regexp</em> must be an -<a href="http://pubs.opengroup.org/onlinepubs/9699919799/basedefs/V1_chap09.html#tag_09_04">extended -regular expression</a>. </li> +<a href="https://pubs.opengroup.org/onlinepubs/9699919799/basedefs/V1_chap09.html#tag_09_04">Extended +Regular Expression</a>. </li> <li> When the series of read events matches <em>regexp</em>, s6-ftrig-wait prints the last event it received (one byte) to stdout, then exits 0. </li> diff --git a/doc/s6-ioconnect.html b/doc/s6-ioconnect.html @@ -63,7 +63,7 @@ for writing to correctly transmit an EOF. </li> <ul> <li> Transmitting EOF across full-duplex sockets -<a href="http://cr.yp.to/tcpip/twofd.html">is ugly</a>. The right thing +<a href="https://cr.yp.to/tcpip/twofd.html">is ugly</a>. The right thing in every case cannot be automatically determined, so it is up to the user to mention that a socket must be shut down. Most of the time, though, shutting down sockets after EOF <em>is</em> the right thing to do, so @@ -77,7 +77,7 @@ for testing purposes. <tt>s6-ioconnect</tt> is to s6-tcpclient as what it gets. </li> <li> On modern Linux systems, s6-ioconnect will perform zero-copy data transmission, via the -<a href="http://man7.org/linux/man-pages/man2/splice.2.html">splice</a> +<a href="https://man7.org/linux/man-pages/man2/splice.2.html">splice</a> system call. </li> <li> The s6-ioconnect utility was once part of the <a href="//skarnet.org/software/s6-networking/">s6-networking</a> diff --git a/doc/s6-ipcclient.html b/doc/s6-ipcclient.html @@ -20,7 +20,7 @@ <p> <tt>s6-ipcclient</tt> is an -<a href="http://cr.yp.to/proto/ucspi.txt">UCSPI client tool</a> for +<a href="https://cr.yp.to/proto/ucspi.txt">UCSPI client tool</a> for Unix domain sockets. It connects to a socket, then executes into a program. </p> diff --git a/doc/s6-ipcserver-access.html b/doc/s6-ipcserver-access.html @@ -67,7 +67,7 @@ its parent: <ul> <li> ${PROTO}LOCALPATH: set to the local "address" of the socket, as reported by the -<a href="http://pubs.opengroup.org/onlinepubs/9699919799/functions/getsockname.html">getsockname()</a> +<a href="https://pubs.opengroup.org/onlinepubs/9699919799/functions/getsockname.html">getsockname()</a> system call, truncated to 99 characters max. </li> </ul> @@ -98,7 +98,7 @@ looking it up via getsockname(). </li> <li> <tt>-i <em>rulesdir</em></tt> : check client credentials against a filesystem-based database in the <em>rulesdir</em> directory. </li> <li> <tt>-x <em>rulesfile</em></tt> : check client credentials -against a <a href="http://en.wikipedia.org/wiki/Cdb_(software)">cdb</a> +against a <a href="https://en.wikipedia.org/wiki/Cdb_(software)">cdb</a> database in the <em>rulesfile</em> file. <tt>-i</tt> and <tt>-x</tt> are mutually exclusive. If none of those options is given, no credential checking will be performed, and a warning will be emitted on every connection if @@ -118,7 +118,7 @@ if the <tt>-i</tt> option has been given. This option is the most flexible one: the directory format is simple enough for scripts to understand and modify it, and the ruleset can be changed dynamically. This is practical, for instance, for roaming users. </li> -<li> or in a <a href="http://en.wikipedia.org/wiki/Cdb_(software)">CDB +<li> or in a <a href="https://en.wikipedia.org/wiki/Cdb_(software)">CDB file</a>, if the <tt>-x</tt> option has been given. This option is the most efficient one if the ruleset is static enough: a lot less system calls are needed to perform searches in a CDB than in the filesystem. </li> diff --git a/doc/s6-ipcserver-socketbinder.html b/doc/s6-ipcserver-socketbinder.html @@ -33,7 +33,7 @@ socket, then executes a program. <li> s6-ipcserver-socketbinder creates a Unix domain socket and binds it to <em>path</em>. It prepares the socket to accept connections by calling -<a href="http://pubs.opengroup.org/onlinepubs/9699919799/functions/listen.html">listen()</a>. </li> +<a href="https://pubs.opengroup.org/onlinepubs/9699919799/functions/listen.html">listen()</a>. </li> <li> It then execs into <em>prog...</em> with the open socket as its standard input. </li> </ul> @@ -43,7 +43,7 @@ as its standard input. </li> <ul> <li> <tt>-d</tt> : allow instant rebinding to the same path even if it has been used not long ago - this is the SO_REUSEADDR flag to -<a href="http://pubs.opengroup.org/onlinepubs/9699919799/functions/setsockopt.html">setsockopt()</a> +<a href="https://pubs.opengroup.org/onlinepubs/9699919799/functions/setsockopt.html">setsockopt()</a> and is generally used with server programs. This is the default. Note that <em>path</em> will be deleted if it already exists at program start time. </li> <li> <tt>-D</tt> : disallow instant rebinding to the same path. </li> diff --git a/doc/s6-ipcserver.html b/doc/s6-ipcserver.html @@ -20,7 +20,7 @@ <p> <tt>s6-ipcserver</tt> is an -<a href="http://cr.yp.to/proto/ucspi.txt">UCSPI server tool</a> for +<a href="https://cr.yp.to/proto/ucspi.txt">UCSPI server tool</a> for Unix domain sockets, i.e. a super-server. It accepts connections from clients, and forks a program to handle each connection. @@ -86,7 +86,7 @@ programs to check when the server is ready to accept connections. </li> <li> <tt>-v</tt> : be verbose. </li> <li> <tt>-d</tt> : allow instant rebinding to the same path even if it has been used not long ago - this is the SO_REUSEADDR flag to -<a href="http://pubs.opengroup.org/onlinepubs/9699919799/functions/setsockopt.html">setsockopt()</a> +<a href="https://pubs.opengroup.org/onlinepubs/9699919799/functions/setsockopt.html">setsockopt()</a> and is generally used with server programs. This is the default. Note that <em>path</em> will be deleted if it already exists at program start time. </li> <li> <tt>-D</tt> : disallow instant rebinding to the same path. </li> diff --git a/doc/s6-log.html b/doc/s6-log.html @@ -20,7 +20,7 @@ <p> s6-log is a reliable logging program with automated log rotation, similar to -daemontools' <a href="http://cr.yp.to/daemontools/multilog.html">multilog</a>, +daemontools' <a href="https://cr.yp.to/daemontools/multilog.html">multilog</a>, with full POSIX regular expression support. </p> @@ -51,7 +51,7 @@ in order to process log lines. </li> <li> <tt>-b</tt> : blocking mode. With this option, s6-log stops reading its standard input while it has unflushed buffers. This ensures that every log line has been fully processed before reading the next one; this is also -<a href="http://cr.yp.to/daemontools/multilog.html">multilog</a>'s behaviour. +<a href="https://cr.yp.to/daemontools/multilog.html">multilog</a>'s behaviour. By default, s6-log keeps reading from stdin even if its buffers still contain data. <tt>-b</tt> is safer, but may slow down your service; the default is faster, but may lead to unbound memory use if you have a lot of output to @@ -99,7 +99,7 @@ to make sure only one instance is running at the same time. </li> If <tt>current</tt> has the executable-by-user flag, it means that no s6-log process is currently writing to it and the previous s6-log process managed to cleanly finalize it. If it does not, -either a s6-log process is writing to it or the previous one +either an s6-log process is writing to it or the previous one has been interrupted without finalizing it. </li> <li> <tt>state</tt>: last processor's output, see below. </li> <li> <tt>previous</tt>: a rotation is happening in that logdir. </li> @@ -185,7 +185,7 @@ line is selected. <ul> <li> <strong>+<em>regexp</em></strong>: select yet-unselected lines that match <em>regexp</em>, which must be a -<a href="http://pubs.opengroup.org/onlinepubs/9699919799/basedefs/V1_chap09.html#tag_09_04">POSIX +<a href="https://pubs.opengroup.org/onlinepubs/9699919799/basedefs/V1_chap09.html#tag_09_04">POSIX Extended Regular Expression</a>. </li> <li> <strong>-<em>regexp</em></strong>: deselect yet-selected lines that match <em>regexp</em>, which must be a POSIX Extended Regular Expression. </li> @@ -250,7 +250,7 @@ timestamp</a> (and a space) before being processed by the next action directive. Giving the <tt>t</tt> directive several times before an action directive has no effect. </li> <li> <strong>T</strong>: the selected line will be prepended with a -<a href="http://en.wikipedia.org/wiki/ISO_8601">ISO 8601 +<a href="https://en.wikipedia.org/wiki/ISO_8601">ISO 8601 timestamp</a> for combined date and time representing <em>local time</em> according to the system's timezone, with a space (not a 'T') between the date and the time and two spaces after the time, before being @@ -333,7 +333,7 @@ a maximum of 30 such files or a total of 15 MB of compressed archive files. </li </ul> -<h2> Why use execlineb to interpret the "processor" string ? </h2> +<h2> Why use execlineb to interpret the "processor" string? </h2> <p> Because it is <em>exactly</em> what @@ -346,7 +346,7 @@ is for. to be able to run a complete command line, with an executable name and its arguments. </li> <li> We could interpret the <em>processor</em> string via <tt>/bin/sh</tt>. -This is what <a href="http://cr.yp.to/daemontools/multilog.html">multilog</a> +This is what <a href="https://cr.yp.to/daemontools/multilog.html">multilog</a> does. However, <tt>/bin/sh</tt>, despite being the traditional Unix interpreter, is overpowered for this. We don't need a complete shell script interpreter: most <em>processor</em> commands will be very simple, with only two or three @@ -363,7 +363,7 @@ reason to use the seriously, it <em>really</em> is the perfect tool for the job. </li> </ul> -<h2> Why have another logging mechanism ? </h2> +<h2> Why have another logging mechanism? </h2> <p> Because the syslog mechanism and all its implementations (save one) suck. @@ -375,7 +375,7 @@ I'm not being judgmental; I'm just stating the obvious. </a> <p> -<a href="http://blog.gerhards.net/2007/08/why-does-world-need-another-syslogd.html">When +<a href="https://blog.gerhards.net/2007/08/why-does-world-need-another-syslogd.html">When asked why he started rsyslog</a>, Rainer Gerhards came up with a lot of hand-waving and not a single word about technical points. There is a reason for that: rsyslog is forked from sysklogd! So, no matter how @@ -416,7 +416,7 @@ up a disk before a rotation occurs. I am all for separating tasks that can be separated, but there is no choice here: <em>logging and log rotation management must be done <strong>by the same tool</strong></em>. Only a few non-mainstream implementations of syslogd do this, including the -<a href="http://busybox.net/">Busybox</a> one - and that is a +<a href="https://busybox.net/">Busybox</a> one - and that is a feature added by the Busybox developers who are aware of the problem but want to maintain compatibility with the historical syslogd. Neither syslogd (-ng or not) nor rsyslogd manages its log files: that's a @@ -425,14 +425,14 @@ flaw that no amount of external tools is going to fix. </li> complex processes running as root mean: bugs turning into security holes. </li> <li> syslog requires a syslogd service, and fails otherwise. A syslogd service may not be present, it may fail... or it may want to log stuff. -Who's going to take care of syslogd's error messages ? </li> +Who's going to take care of syslogd's error messages? </li> </ul> <p> syslog is slow, it's unsafe, and it's incomplete. The only reason people use it is because it's historical, it exists, and there hasn't been any serious alternative yet, except maybe -<a href="http://cr.yp.to/daemontools/multilog.html">multilog</a>, which +<a href="https://cr.yp.to/daemontools/multilog.html">multilog</a>, which s6-log improves upon. </p> @@ -502,7 +502,7 @@ system console. </li> </ul> <a name="howtouse"> -<h3> What does s6-log have to do with all this ? </h3> +<h3> What does s6-log have to do with all this? </h3> </a> <p> @@ -524,7 +524,7 @@ not waste resources. </li> is as powerful as a traditional syslogd. </li> <li> s6-log can log to a RAM filesystem and thus is suitable as a catch-all logger. Clever tricks like Upstart's <em>logd</em> or daemontools' -<a href="http://cr.yp.to/daemontools/readproctitle.html">readproctitle</a> +<a href="https://cr.yp.to/daemontools/readproctitle.html">readproctitle</a> are just that: tricks. s6-log gives a unified interface to all of your system's loggers. </li> </ul> diff --git a/doc/s6-svc.html b/doc/s6-svc.html @@ -150,7 +150,7 @@ process is <a href="s6-log.html">s6-log</a>, this triggers a log rotation. <ul> <li> s6-svc writes control commands into the <tt><em>servicedir</em>/supervise/control</tt> -FIFO. A s6-supervise process running on <em>servicedir</em> will be listening to this FIFO, +FIFO. An s6-supervise process running on <em>servicedir</em> will be listening to this FIFO, and will read and interpret those commands. </li> <li> When invoked with one of the <tt>-w</tt> options, s6-svc executes into <a href="s6-svlisten1.html">s6-svlisten1</a>, which will listen to service state diff --git a/doc/s6-svscan-1.html b/doc/s6-svscan-1.html @@ -93,7 +93,7 @@ stages and delegating every stage's work to a different script that is <p> One init to rule them all? -<a href="http://en.wikipedia.org/wiki/Porgy_and_Bess">It ain't necessarily so!</a> +<a href="https://en.wikipedia.org/wiki/Porgy_and_Bess">It ain't necessarily so!</a> </p> <a name="stage2"> @@ -102,7 +102,7 @@ stages and delegating every stage's work to a different script that is <p> init does not have the right to die, but fortunately, <em>it has the right -to <a href="http://pubs.opengroup.org/onlinepubs/9699919799/functions/execve.html">execve()</a>!</em> +to <a href="https://pubs.opengroup.org/onlinepubs/9699919799/functions/execve.html">execve()</a>!</em> During stage 2, why use precious RAM, or at best, swap space, to store data that are only relevant to stages 1 or 3? It only makes sense to have an init process that handles stage 1, then executes into an init process that diff --git a/doc/s6-svscan.html b/doc/s6-svscan.html @@ -32,7 +32,7 @@ the root or a branch of a <em>supervision tree</em>. <ul> <li> If given a <em>scandir</em> argument, s6-svscan switches to it. Else it uses -its current directory as <a href="scandir.html">scan directory</a>. </li> +its current directory as the <a href="scandir.html">scan directory</a>. </li> <li> It exits 100 if another s6-svscan process is already monitoring this <a href="scandir.html">scan directory</a>. </li> <li> If the <tt>./.s6-svscan</tt> control directory does not exist, @@ -174,7 +174,7 @@ command, s6-svscan runs a <em>reaper</em> routine. <p> The reaper acknowledges (via some -<a href="http://pubs.opengroup.org/onlinepubs/9699919799/functions/wait.html">wait()</a> +<a href="https://pubs.opengroup.org/onlinepubs/9699919799/functions/wait.html">wait()</a> function), without blocking, every terminated child of s6-svscan, even ones it does not know it has. This is especially important when <a href="s6-svscan-1.html">s6-svscan is run as process 1</a>. @@ -204,7 +204,7 @@ It skips names starting with dots. It will not create services for more than <p> For every new subdirectory <em>dir</em> it finds, the scanner spawns a <a href="s6-supervise.html">s6-supervise</a> process on it. If -<em>dir</em><tt>/log</tt> exists, it spawns a s6-supervise process on +<em>dir</em><tt>/log</tt> exists, it spawns an s6-supervise process on both <em>dir</em> and <em>dir</em><tt>/log</tt>, and maintains a never-closing pipe from the service's stdout to the logger's stdin. This is <em>starting the service</em>, with or without a corresponding diff --git a/doc/s6-svscanctl.html b/doc/s6-svscanctl.html @@ -101,7 +101,7 @@ script with the <tt>reboot</tt> argument. <p> s6-svscanctl writes control commands into the <tt><em>svscandir</em>/.s6-svscan/control</tt> -FIFO. A s6-svscan process running on <em>svscandir</em> will be listening to this FIFO, +FIFO. An s6-svscan process running on <em>svscandir</em> will be listening to this FIFO, and will read and interpret those commands. </p> diff --git a/doc/s6-svstat.html b/doc/s6-svstat.html @@ -106,9 +106,9 @@ killed by a signal, <tt>NA</tt> is printed instead. </li> <li> <tt>signum</tt>: print the number of the signal the last <tt>./run</tt> process was killed with. If the service is currently up, or the last <tt>./run</tt> process was not killed by a signal, <tt>-1</tt> is printed instead. </li> - <li> <tt>updownsince</tt>: print a <a href="http://cr.yp.to/libtai/tai64.html">TAI64N + <li> <tt>updownsince</tt>: print a <a href="https://cr.yp.to/libtai/tai64.html">TAI64N label</a> representing the absolute date when the service last changed states. </li> - <li> <tt>readysince</tt>: print a <a href="http://cr.yp.to/libtai/tai64.html">TAI64N + <li> <tt>readysince</tt>: print a <a href="https://cr.yp.to/libtai/tai64.html">TAI64N label</a> representing the absolute date when the service last became ready. Note that this can either mean "service readiness" (if the service is currently up and ready), or "down readiness", i.e. the last time when the service was down and ready to be started diff --git a/doc/scandir.html b/doc/scandir.html @@ -34,7 +34,7 @@ listed in the scan directory will be supervised. <p> There is normally only one scan directory per system, although nothing prevents a system administrator from having more. -<a href="http://cr.yp.to/daemontools.html">daemontools</a> traditionally +<a href="https://cr.yp.to/daemontools.html">daemontools</a> traditionally uses <tt>/service</tt>, and <a href="http://smarden.org/runit/">runit</a> traditionally uses <tt>/etc/service</tt>. s6 does not care where your scan directory is, but I would advise <tt>/service</tt> for compatibility @@ -82,7 +82,7 @@ system - and on your personal preference too. </p> <p> - Standard <a href="http://cr.yp.to/daemontools.html">daemontools</a> and + Standard <a href="https://cr.yp.to/daemontools.html">daemontools</a> and <a href="http://smarden.org/runit/">runit</a> installations like to have a fixed scan directory containing symlinks to service directories located in the service repository. In other words, the service repository contains @@ -96,7 +96,7 @@ subdirectories in every managed service directory. This can be achieved for instance via symlinks, or by having the service repository stored on a writable filesystem. </li> <li> The scan program (<a href="s6-svscan.html">s6-svscan</a>, -<a href="http://cr.yp.to/daemontools/svscan.html">svscan</a>, +<a href="https://cr.yp.to/daemontools/svscan.html">svscan</a>, <a href="http://smarden.org/runit/runsvdir.8.html">runsvdir</a>...) is started late enough for all the necessary filesystems to be mounted. </li> </ul> diff --git a/doc/servicedir.html b/doc/servicedir.html @@ -71,7 +71,7 @@ to log <em>stderr</em> as well, so the run script should make sure that its stderr goes into the log pipe. This is achieved by <tt><a href="//skarnet.org/software/execline/fdmove.html">fdmove</a> -c 2 1</tt> in <a href="//skarnet.org/software/execline/">execline</a>, -and <tt>exec 2>&1</tt> in <a href="http://pubs.opengroup.org/onlinepubs/9699919799/utilities/sh.html">shell</a>. +and <tt>exec 2>&1</tt> in <a href="https://pubs.opengroup.org/onlinepubs/9699919799/utilities/sh.html">shell</a>. </li> <li> adjust the environment for your <em>foo</em> daemon. Normally the run script inherits its environment from <a href="s6-supervise.html">s6-supervise</a>, @@ -209,7 +209,7 @@ directory. </p> <a name="where"> - <h2> Where to store my service directories ? </h2> + <h2> Where should I store my service directories? </h2> </a> <p> @@ -241,7 +241,7 @@ collection. This is the easy setup, not requiring an external init system to mount your filesystems - however, it requires your root filesystem to be read-write, which is unacceptable if you are concerned with reliability - if you are, for instance, designing an embedded platform. </li> - <li> <a href="http://code.dogmap.org/">Some people</a> like to have + <li> <a href="https://code.dogmap.org/">Some people</a> like to have their service directories in a read-only filesystem, with <tt>supervise</tt> symlinks pointing to various places in writable filesystems. This setup looks a bit complex to me: it requires careful handling of the writable diff --git a/doc/socket-activation.html b/doc/socket-activation.html @@ -25,7 +25,7 @@ advocates that mixes a couple useful architecture concepts and several horrible ideas, for a very minor speed benefit. Read <a href="//skarnet.org/cgi-bin/archive.cgi?2:mss:423:oanakciaccabjicoagef">this mail</a> and -<a href="http://forums.gentoo.org/viewtopic-t-994548-postdays-0-postorder-asc-start-25.html#7581522">this +<a href="https://forums.gentoo.org/viewtopic-t-994548-postdays-0-postorder-asc-start-25.html#7581522">this post</a> for details. </p> diff --git a/doc/why.html b/doc/why.html @@ -26,14 +26,14 @@ <li> Good (?) old System V init, which can be made to supervise services if you perform <tt>/etc/inittab</tt> voodoo. BSD init can also be used the same way with the <tt>/etc/ttys</tt> file, but for some reason, nobody among BSD developers is using <tt>/etc/ttys</tt> to this purpose, so I won't consider BSD init here. </li> - <li> <a href="http://cr.yp.to/daemontools.html">daemontools</a>, the pioneer </li> - <li> <a href="http://untroubled.org/daemontools-encore/">daemontools-encore</a>, Bruce Guenter's upgrade to daemontools </li> + <li> <a href="https://cr.yp.to/daemontools.html">daemontools</a>, the pioneer </li> + <li> <a href="https://untroubled.org/daemontools-encore/">daemontools-encore</a>, Bruce Guenter's upgrade to daemontools </li> <li> <a href="http://smarden.org/runit/">runit</a>, Gerrit Pape's suite, well-integrated with Debian </li> <li> <a href="http://b0llix.net/perp/">perp</a>, Wayne Marshall's take on supervision </li> <li> Integrated init systems providing a lot of features, process supervision being one of them. -For instance, <a href="http://upstart.ubuntu.com/">Upstart</a>, MacOS X's -<a href="http://developer.apple.com/library/mac/#documentation/Darwin/Reference/ManPages/man8/launchd.8.html">launchd</a>, -and Fedora's <a href="http://freedesktop.org/wiki/Software/systemd">systemd</a>. </li> +For instance, <a href="https://upstart.ubuntu.com/">Upstart</a>, MacOS X's +<a href="https://developer.apple.com/library/mac/#documentation/Darwin/Reference/ManPages/man8/launchd.8.html">launchd</a>, +and Fedora's <a href="https://freedesktop.org/wiki/Software/systemd">systemd</a>. </li> </ul> <p> @@ -67,7 +67,7 @@ never wakes up unless it receives a command via s6-svscanctl. </li> <li> System V init <em>is</em> process 1, so no problem here. </li> <li> Integrated init systems, by definition, provide a process 1. </li> <li> daemontools was not designed to take over init, although -<a href="http://code.dogmap.org./svscan-1/">it can be made to work</a> with +<a href="https://code.dogmap.org./svscan-1/">it can be made to work</a> with enough hacking skills. Same thing with daemontools-encore. </li> <li> runit provides an <em>init</em> functionality, but the mechanism is separate from the supervision itself; the <tt>runit</tt> process, not the @@ -102,7 +102,9 @@ process 1 against libdbus. This is insane. Process 1 should be <em>absolutely stable</em>, it should be guaranteed to never crash, so the whole of its source code should be under control. At Upstart's level of complexity, those goals are outright impossible to achieve, -so this approach is flawed by design. </li> +so this approach is flawed by design. It is a shame, because the concepts +and ideas behind Upstart are <em>good</em> and <em>sound</em>; it's the +implementation choices that are its downfall. </li> <li> launchd suffers from the same kind of problems. Example: Services running under launchd must be configured <a href="https://developer.apple.com/library/mac/documentation/MacOSX/Conceptual/BPSystemStartup/Chapters/CreatingLaunchdJobs.html">using @@ -163,10 +165,10 @@ and instantly respond to commands they may receive. <tt>s6-supervise</tt> has even been implemented as a full deterministic finite automaton, to ensure it always does the right thing under any circumstance. Other supervision suites do not achieve that for now. </li> - <li> daemontools' <a href="http://cr.yp.to/daemontools/svscan.html">svscan</a> + <li> daemontools' <a href="https://cr.yp.to/daemontools/svscan.html">svscan</a> maintains an open pipe between a daemon and its logger, so even if the daemon, the logger, <em>and</em> both -<a href="http://cr.yp.to/daemontools/supervise.html">supervise</a> processes +<a href="https://cr.yp.to/daemontools/supervise.html">supervise</a> processes die, the pipe is still the same so <em>no logs are lost, ever</em>, unless svscan itself dies. </li> <li> runit has only one supervisor, <a href="http://smarden.org/runit/runsv.8.html">runsv</a>,