diff --git a/docs/src/SUMMARY.md b/docs/src/SUMMARY.md
index 624f912c..534039ad 100644
--- a/docs/src/SUMMARY.md
+++ b/docs/src/SUMMARY.md
@@ -31,7 +31,7 @@
 
 - [Understanding `bootc install`](bootc-install.md)
 - [`man bootc-install.md`](man/bootc-install.md)
-- [`man bootc-install-config`](man-md/bootc-install-config.md)
+- [`man bootc-install-config`](man/bootc-install-config.md)
 - [`man bootc-install-to-disk.md`](man/bootc-install-to-disk.md)
 - [`man bootc-install-to-filesystem.md`](man/bootc-install-to-filesystem.md)
 
diff --git a/docs/src/building/users-and-groups.md b/docs/src/building/users-and-groups.md
index b548ddff..6f05f40b 100644
--- a/docs/src/building/users-and-groups.md
+++ b/docs/src/building/users-and-groups.md
@@ -144,7 +144,7 @@ or `DynamicUser=yes`.
 
 ### Machine-local state for users
 
-At this point, it is important to understand the [filesystem](filesystem.md)
+At this point, it is important to understand the [filesystem](../filesystem.md)
 layout - the default is up to the base image.
 
 The default Linux concept of a user has data stored in both `/etc` (`/etc/passwd`, `/etc/shadow` and groups)
diff --git a/docs/src/relationship-particles.md b/docs/src/relationship-particles.md
index dd6893b7..2ccef1ff 100644
--- a/docs/src/relationship-particles.md
+++ b/docs/src/relationship-particles.md
@@ -149,7 +149,7 @@ and apply that to the base operating system too.
 There is a very strong security rationale behind much of the design proposal
 of "particles" and DDIs.  It is absolutely true today, quoting the blog:
 
-> That said, I think [OCI has] relatively weak properties, in particular when it comes to security, since immutability/measurements and similar are not provided. This means, unlike for system extensions and portable services a complete trust chain with attestation and per-app cryptographically protected data is much harder to implement sanely.
+> That said, I think \[OCI has\] relatively weak properties, in particular when it comes to security, since immutability/measurements and similar are not provided. This means, unlike for system extensions and portable services a complete trust chain with attestation and per-app cryptographically protected data is much harder to implement sanely.
 
 The [composefs project](https://github.com/containers/composefs/) aims to close
 this gap, and the bootc project will use it, and has an explicit goal