Friday, July 21, 2017

man-pages-4.12 is released

I've released man-pages-4.12. The release tarball is available on kernel.org. The browsable online pages can be found on man7.org. The Git repository for man-pages is available on kernel.org.

This release resulted from patches, bug reports, reviews, and comments from around 30 contributors. It includes just under 200 commits changing around 90 pages. This is a relatively small release, with one new manual page, ioctl_getfsmap(2). The most significant change in the release consists of a number of additions and improvements in the ld.so(8) page.

Tuesday, May 23, 2017

Linux Shared Libraries course, Munich, Germany, 20 July 2017

I've scheduled a public instance of my "Building and Using Shared Libraries on Linux" course to take place in Munich, Germany on 20 July 2017.  This one-day course provides a thorough introduction to building and using shared libraries. covering topics such as: the basics of creating, installing, and using shared libraries; shared library versioning and naming conventions; the role of the dynamic linker; run-time symbol resolution; controlling symbol visibility; symbol versioning; preloading shared libraries; and dynamically loaded libraries (dlopen). The course format is a mixture of theory and practical.

The course is aimed at programmers who create and use shared libraries. Systems administrators who are managing and troubleshooting applications that use shared libraries will also find the course useful.

You can find out more about the course (such as expected background and course pricing) at http://man7.org/training/shlib/ and see a detailed course outline at
http://man7.org/training/shlib/shlib_course_outline.html.

Cgroups/namespaces/seccomp/capabilities course

There are still some places available on my "Linux Security and Isolation APIs" that will take place in Munich, Germany on 17-19 July 2017.  This three-day course provides a deep understanding of the low-level Linux features (set-UID/set-GID programs, capabilities, namespaces, cgroups, and seccomp) used to implement privileged applications and build container, virtualization, and sandboxing technologies. The course format is a mixture of theory and practical.

The course is aimed at designers and programmers building privileged applications, container applications, and sandboxing applications. Systems administrators who are managing such applications are also likely to find the course of benefit.

You can find out more about the course (such as expected background and course pricing) at
http://man7.org/training/sec_isol_apis/
and see a detailed course outline at
http://man7.org/training/sec_isol_apis/sec_isol_apis_course_outline.html

Wednesday, May 3, 2017

man-pages-4.11 is released

I've released man-pages-4.11. The release tarball is available on kernel.org. The browsable online pages can be found on man7.org. The Git repository for man-pages is available on kernel.org.

This release resulted from patches, bug reports, reviews, and comments from over 30 contributors. It includes more than 300 commits changing over 100 pages. The changes include the addition of 5 pages, significant rewriting of 1 other page, and enhancements to many other pages.

Among the more significant changes in man-pages-4.11 are the following:

  • Two new pages, userfaultfd(2) and ioctl_userfaultfd(2), written by me and Mike Rapoport, document the userfaultfd() system call that was added in Linux 4.3, along with associated ioctl() operations that can be performed on the file descriptor returned by that system call.
  • A new statx(2) man page, written by David Howells, documents the statx() system call that was added in the just-released Linux 4.11 kernel.
  • A new pthread_atfork(3) manual page documents the pthread_atfork() library function.
  • The slabinfo(5) has been heavily updated to reflect current kernel details.

Wednesday, April 26, 2017

Linux Security and Isolation APIs course in Munich (17-19 July 2017)

I've scheduled the first public instance of my "Linux Security and Isolation APIs" course to take place in Munich, Germany on 17-19 July 2017. (I've already run the course a few times very successfully in non-public settings.) This three-day course provides a deep understanding of the low-level Linux features (set-UID/set-GID programs, capabilities, namespaces, cgroups, and seccomp) used to build container, virtualization, and sandboxing technologies. The course format is a mixture of theory and practical.

The course is aimed at designers and programmers building privileged applications, container applications, and sandboxing applications. Systems administrators who are managing such applications are also likely to find the course of benefit.

You can find out more about the course (such as expected background and course pricing) at
http://man7.org/training/sec_isol_apis/
and see a detailed course outline at
http://man7.org/training/sec_isol_apis/sec_isol_apis_course_outline.html

Tuesday, March 14, 2017

man-pages-4.10 is released

I've released man-pages-4.10. The release tarball is available on kernel.org. The browsable online pages can be found on man7.org. The Git repository for man-pages is available on kernel.org.

This release resulted from patches, bug reports, reviews, and comments from over 40 contributors. This release sees a large number of changes: over 600 commits changing around 160 pages. The changes include the addition of 11 pages, significant rewrites of 3 other pages, and enhancements to many other pages.

Among the more significant changes in man-pages-4.10 are the following:

  • The pages—add_key(2)keyctl(2), and request_key(2)—describing the system calls for the kernel key-management facility have been substantially revised and extended. The keyctl(2) page consequently saw a tenfold increase in size. I did much of the work here, with a lot of help from Eugene Syromyatnikov.
  • In cooperation with David Howells, the maintainer of the libkeyutils package (and the developer of the kernel key management facility), a number of pages in the libkeyutils package were moved to the man-pages project. The rationale for this change is that these pages describe kernel interfaces, and so man-pages is more reasonably their home. During the migration, many of these pages were also substantially enhanced. The migrated pages are: keyrings(7)persistent-keyring(7)process-keyring(7), session-keyring(7)thread-keyring(7)user-keyring(7), and user-session-keyring(7). Thanks to David Howells and Eugene Syromyatnikov for a lot of assistance with reworking the pages.
  • I've added a new ioctl_iflags(2) page which describes inode flags (the attributes manipulated by the chattr(1) command) and the ioctl() operations for working with those flags.
  • The details on the ioctl() operations that can be used with namespaces have been moved from the namespaces(7) page into a new ioctl_ns(2) page
  • I've written a getentropy(3) page, which describes the new getentropy() function added in glibc version 2.25. This function, layered on top of the getrandom(2) system call, enables the caller to obtain bytes of randomness.
  • The discussion of async-signal-safety has been moved out of the signal(7) manual page into a new new signal-safety(7) page. Along the way, some details have been added to the page, including discussion of a few glibc deviations from the POSIX standard.

Friday, January 27, 2017

Next Linux/UNIX System Programming course in Munich: 15-19 May, 2017

I've scheduled another 5-day Linux/UNIX System Programming course to take place in Munich, Germany, for the week of 15-19 May 2017.

The course is intended for programmers developing system-level, embedded, or network applications for Linux and UNIX systems, or programmers porting such applications from other operating systems (e.g., Windows) to Linux or UNIX. The course is based on my book, The Linux Programming Interface (TLPI), and covers topics such as low-level file I/O; signals and timers; creating processes and executing programs; POSIX threads programming; interprocess communication (pipes, FIFOs, message queues, semaphores, shared memory), and network programming (sockets).
     
The course has a lecture+lab format, and devotes substantial time to working on some carefully chosen programming exercises that put the "theory" into practice. Students receive printed and electronic copies of TLPI, along with a 600-page course book that includes all slides and exercises presented in the course. A reading knowledge of C is assumed; no previous system programming experience is needed.

Some useful links for anyone interested in the course:

Questions about the course? Email me via training@man7.org.