Merge changes from docs git

Signed-off-by: Sven Dowideit <SvenDowideit@home.org.au>
2025-08-21 00:02:53 +00:00 · 2017-08-12 04:27:41 +10:00 · 2017-08-12 04:27:41 +10:00 · 47e124bbcc
commit 47e124bbcc
parent 4e0588bbcd
3 changed files with 15 additions and 4 deletions
--- a/docs/os/index.md
+++ b/docs/os/index.md
@ -1,11 +1,12 @@
 ---
-title: Overview of RancherOS
+title: RancherOS Documentation
+description: RancherOS is a simplified Linux distribution built from containers, for containers. These documents describe how to install and use RancherOS.
 layout: os-default
 ---

 ## Overview of RancherOS
 ---
-RancherOS is the smallest, easiest way to run Docker in production.  Everything in RancherOS is a container managed by Docker. This includes system services such as `udev` and `syslog`.  RancherOS is dramatically smaller than most traditional operating systems, because it only includes the services necessary to run Docker. By removing unnecessary libraries and services, requirements for security patches and other maintenance are dramatically reduced. This is possible because with Docker, users typically package all necessary libraries into their containers.
+RancherOS is the smallest, easiest way to run Docker in production.  Everything in RancherOS is a container managed by Docker. This includes system services such as `udev` and `syslog`.  Decause it only includes the services necessary to run Docker, RancherOS is dramatically smaller than most traditional operating systems. By removing unnecessary libraries and services, requirements for security patches and other maintenance are dramatically reduced. This is possible because, with Docker, users typically package all necessary libraries into their containers.

 Another way in which RancherOS is designed specifically for running Docker is that it always runs the latest version of Docker. This allows users to take advantage of the latest Docker capabilities and bug fixes.

--- a/docs/os/security/index.md
+++ b/docs/os/security/index.md
@ -31,5 +31,6 @@ layout: os-default
 |----|-------------|------|------------|
 | [CVE-2017-6074](http://seclists.org/oss-sec/2017/q1/471) | Local privilege-escalation using a user after free issue in [Datagram Congestion Control Protocol (DCCP)](https://wiki.linuxfoundation.org/networking/dccp). DCCP is built into the RancherOS kernel as a dynamically loaded module, and isn't loaded by default. | 17 Feb 2017 | [RancherOS v0.8.1](https://github.com/rancher/os/releases/tag/v0.8.1) using a [patched 4.9.12 Linux kernel](https://github.com/rancher/os-kernel/releases/tag/v4.9.12-rancher) |
 | [CVE-2017-7184](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7184) | Allows local users to obtain root privileges or cause a denial of service (heap-based out-of-bounds access) by leveraging the CAP_NET_ADMIN capability. | 3 April 2017 | [RancherOS v0.9.2-rc1](https://github.com/rancher/os/releases/tag/v0.9.2-rc1) using Linux 4.9.20 |
-
+| [CVE-2017-1000364](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000364) | Linux Kernel is prone to a local memory-corruption vulnerability. Attackers may be able to exploit this issue to execute arbitrary code with elevated privileges | 19 June 2017 | [RancherOS v1.0.3](https://github.com/rancher/os/releases/tag/v1.0.3) |
+| [CVE-2017-1000366](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000366) | glibc contains a vulnerability that allows manipulation of the heap/stack. Attackers may be able to exploit this issue to execute arbitrary code with elevated privileges | 19 June 2017 | [RancherOS v1.0.3](https://github.com/rancher/os/releases/tag/v1.0.3) |

--- a/docs/os/storage/using-zfs/index.md
+++ b/docs/os/storage/using-zfs/index.md
@ -26,7 +26,7 @@ $ lsmod | grep zfs

 > *Note:* if you switch consoles, you may need to re-run `ros up zfs`.

-#### Using ZFS
+#### Creating ZFS pools

 After it's installed, it should be ready to use. Make a zpool named `zpool1` using a device that you haven't yet partitioned (you can use `sudo fdisk -l` to list all the disks and their partitions).

@ -46,6 +46,15 @@ $ docker run --rm -it -v /mnt/zpool1/:/data alpine ls -la /data

 To experiment with ZFS, you can create zpool backed by just ordinary files, not necessarily real block devices. In fact, you can mix storage devices in your ZFS pools; it's perfectly fine to create a zpool backed by real devices **and** ordinary files.

+#### Using the ZFS debugger utility
+
+The `zdb` command may be used to display information about ZFS pools useful to diagnose failures and gather statistics. By default the utility tries to load pool configurations from `/etc/zfs/zpool.cache`. Since the RancherOS ZFS service does not make use of the ZFS cache file and instead detects pools by inspecting devices, the `zdb` utility has to be invoked with the `-e` flag.
+
+E.g. to show the configuration for the pool `zpool_1` you may run the following command:
+
+> $ sudo zdb -e -C zpool_1
+
+
 ## ZFS storage for Docker on RancherOS

 First, you need to stop  the`docker` system service and wipe out `/var/lib/docker` folder: