openat2.2: ffix (mainly: replace blank lines by .IP or .PP)

Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
Michael Kerrisk 2020-03-30 09:37:03 +02:00
parent 669403e99e
commit 0389373e6e
1 changed files with 18 additions and 24 deletions


@ -119,10 +119,8 @@ the
for more detail on why this is necessary.) for more detail on why this is necessary.)
.PP .PP
The meaning of each field is as follows: The meaning of each field is as follows:
.RS .TP
.I flags .I flags
.RS
The file creation and status flags to use for this operation. The file creation and status flags to use for this operation.
All of the All of the
.B O_* .B O_*
@ -131,22 +129,20 @@ flags defined for
are valid are valid
.BR openat2 () .BR openat2 ()
flag values. flag values.
.IP
Unlike Unlike
.BR openat (2), .BR openat (2),
it is an error to provide it is an error to provide
.BR openat2 () .BR openat2 ()
unknown or conflicting flags in unknown or conflicting flags in
.IR flags . .IR flags .
.RE .TP
.I mode
.IR mode
.RS
File mode for the new file, with identical semantics to the File mode for the new file, with identical semantics to the
.I mode .I mode
argument to argument to
.BR openat (2). .BR openat (2).
.IP
Unlike Unlike
.BR openat (2), .BR openat (2),
it is an error to provide it is an error to provide
@ -161,10 +157,8 @@ a non-zero
.IR mode " if " flags .IR mode " if " flags
does not contain does not contain
.BR O_CREAT " or " O_TMPFILE . .BR O_CREAT " or " O_TMPFILE .
.RE .TP
.I resolve .I resolve
.RS
Change how Change how
.B all .B all
components of components of
@ -177,11 +171,12 @@ how untrusted paths (or paths inside untrusted directories) are resolved.
The full list of The full list of
.I resolve .I resolve
flags is given below. flags is given below.
.RS
.TP .TP
.B RESOLVE_NO_XDEV .B RESOLVE_NO_XDEV
Disallow traversal of mount points during path resolution (including all bind Disallow traversal of mount points during path resolution (including all bind
mounts). mounts).
.IP
Users of this flag are encouraged to make its use configurable (unless it is Users of this flag are encouraged to make its use configurable (unless it is
used for a specific security purpose), as bind mounts are very widely used by used for a specific security purpose), as bind mounts are very widely used by
end-users. end-users.
@ -193,7 +188,7 @@ may result in spurious errors on previously-functional systems.
Disallow resolution of symbolic links during path resolution. Disallow resolution of symbolic links during path resolution.
This option implies This option implies
.BR RESOLVE_NO_MAGICLINKS . .BR RESOLVE_NO_MAGICLINKS .
.IP
If the trailing component is a symbolic link, and If the trailing component is a symbolic link, and
.I flags .I flags
contains both contains both
@ -201,7 +196,7 @@ contains both
then an then an
.B O_PATH .B O_PATH
file descriptor referencing the symbolic link will be returned. file descriptor referencing the symbolic link will be returned.
.IP
Users of this flag are encouraged to make its use configurable (unless it is Users of this flag are encouraged to make its use configurable (unless it is
used for a specific security purpose), as symbolic links are very widely used used for a specific security purpose), as symbolic links are very widely used
by end-users. by end-users.
@ -211,7 +206,7 @@ may result in spurious errors on previously-functional systems.
.TP .TP
.B RESOLVE_NO_MAGICLINKS .B RESOLVE_NO_MAGICLINKS
Disallow all magic link resolution during path resolution. Disallow all magic link resolution during path resolution.
.IP
If the trailing component is a magic link, and If the trailing component is a magic link, and
.I flags .I flags
contains both contains both
@ -219,7 +214,7 @@ contains both
then an then an
.B O_PATH .B O_PATH
file descriptor referencing the magic link will be returned. file descriptor referencing the magic link will be returned.
.IP
Magic-links are symbolic link-like objects that are most notably found in Magic-links are symbolic link-like objects that are most notably found in
.BR proc (5) .BR proc (5)
(examples include (examples include
@ -237,7 +232,7 @@ is not a descendant of the directory indicated by
This results in absolute symbolic links (and absolute values of This results in absolute symbolic links (and absolute values of
.IR pathname ) .IR pathname )
to be rejected. to be rejected.
.IP
Currently, this flag also disables magic link resolution. Currently, this flag also disables magic link resolution.
However, this may change in the future. However, this may change in the future.
The caller should explicitly specify The caller should explicitly specify
@ -260,7 +255,7 @@ If
.I pathname .I pathname
is an absolute path, it is also treated relative to is an absolute path, it is also treated relative to
.IR dirfd . .IR dirfd .
.IP
However, unlike However, unlike
.BR chroot (2) .BR chroot (2)
(which changes the filesystem root permanently for a process), (which changes the filesystem root permanently for a process),
@ -272,19 +267,18 @@ It also has several hardening features (such detecting escape attempts during
resolution) which resolution) which
.BR chroot (2) .BR chroot (2)
does not. does not.
.IP
Currently, this flag also disables magic link resolution. Currently, this flag also disables magic link resolution.
However, this may change in the future. However, this may change in the future.
The caller should explicitly specify The caller should explicitly specify
.B RESOLVE_NO_MAGICLINKS .B RESOLVE_NO_MAGICLINKS
to ensure that magic links are not resolved. to ensure that magic links are not resolved.
.RE
.PP .PP
It is an error to provide It is an error to provide
.BR openat2 () .BR openat2 ()
unknown flags in unknown flags in
.IR resolve . .IR resolve .
.RE
.RE
.SH RETURN VALUE .SH RETURN VALUE
On success, a new file descriptor is returned. On success, a new file descriptor is returned.
On error, -1 is returned, and On error, -1 is returned, and
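Review bot: the unchanged .PP in front of "It is an error to provide openat2() unknown flags in resolve." now comes right after the new .RE, with both outer .RE lines removed below it. .PP resets the paragraph indent, so this sentence will render at the left margin instead of under the resolve entry of the .TP list, where the old nested .RS blocks kept it. Suggest changing that .PP to .IP so the sentence stays a continuation paragraph of resolve, the same way the .IP lines added elsewhere in this patch continue their entries.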
@ -359,7 +353,7 @@ and one of the path components was a magic link.
first appeared in Linux 5.6. first appeared in Linux 5.6.
.SH CONFORMING TO .SH CONFORMING TO
This system call is Linux-specific. This system call is Linux-specific.
.PP
The semantics of The semantics of
.B RESOLVE_BENEATH .B RESOLVE_BENEATH
were modeled after FreeBSD's were modeled after FreeBSD's
@ -384,7 +378,7 @@ acting as an implicit version number (because new extension fields will always
be appended, the size will always increase.) be appended, the size will always increase.)
This extensibility design is very similar to other system calls such as This extensibility design is very similar to other system calls such as
.BR perf_setattr "(2), " perf_event_open "(2), and " clone (3). .BR perf_setattr "(2), " perf_event_open "(2), and " clone (3).
.PP
If we let If we let
.I usize .I usize
be the size of the structure according to userspace and be the size of the structure according to userspace and
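Review bot: the context line .BR perf_setattr "(2), " perf_event_open "(2), and " clone (3). directly above the added .PP looks wrong on two counts and is worth fixing in a follow-up while this paragraph is being touched. The size-versioned struct calls this sentence describes are sched_setattr(2) and clone3(2); there is no perf_setattr page, and clone (3) points at section 3. Also, in "the size will always increase.)" the full stop sits inside the closing parenthesis of a clause that is part of the surrounding sentence.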