mirror of https://github.com/mkerrisk/man-pages
Various changes to bring this page closer to current kernel versions.
This commit is contained in:
parent
2f11acf57e
commit
08baa0af11
|
@ -29,7 +29,6 @@
|
|||
.SH NAME
|
||||
capabilities \- overview of Linux capabilities
|
||||
.SH DESCRIPTION
|
||||
|
||||
For the purpose of performing permission checks,
|
||||
traditional Unix implementations distinguish two categories of processes:
|
||||
.I privileged
|
||||
|
@ -186,6 +185,14 @@ and
|
|||
.I security
|
||||
Extended Attributes (see
|
||||
.BR attr (5));
|
||||
call
|
||||
.BR lookup_dcookie (2);
|
||||
perform
|
||||
.BR keyctl (2)
|
||||
.B KEYCTL_CHOWN
|
||||
and
|
||||
.B KEYCTL_SETPERM
|
||||
operations.
|
||||
allow forged UID when passing socket credentials;
|
||||
exceed
|
||||
.IR /proc/sys/fs/file-max ,
|
||||
|
@ -198,13 +205,16 @@ in system calls that open files (e.g.,
|
|||
without this capability these system calls will fail with the error
|
||||
.B ENFILE
|
||||
if this limit is encountered).
|
||||
.\" FIXME 2.6.14-rc1 permist the following with CAP_SYS_ADMIN:
|
||||
.\" FIXME 2.6.14-rc1 permits the following with CAP_SYS_ADMIN:
|
||||
.\" /* Allow setting zone reclaim policy */
|
||||
.\" Document this.
|
||||
.\" FIXME CAP_SYS_ADMIN has an affect for ioprio_set()
|
||||
.TP
|
||||
.B CAP_SYS_BOOT
|
||||
Permit calls to
|
||||
.BR reboot (2).
|
||||
.BR reboot (2)
|
||||
and
|
||||
.BR kexec_load (2).
|
||||
.TP
|
||||
.B CAP_SYS_CHROOT
|
||||
Permit calls to
|
||||
|
@ -228,6 +238,9 @@ and setting scheduling policies and priorities for arbitrary processes
|
|||
.BR sched_setparam (2));
|
||||
set CPU affinity for arbitrary processes
|
||||
.RB ( sched_setaffinity ()).
|
||||
.\" FIXME Probably CAP_SYS_NICE will have a new affect in 2.6.16
|
||||
.\" for MPOL_MF_MOVE_ALL and migrate_pages(2)
|
||||
.\" FIXME CAP_SYS_NICE has an affect for ioprio_set()
|
||||
.TP
|
||||
.B CAP_SYS_PACCT
|
||||
Permit calls to
|
||||
|
|
Loading…
Reference in New Issue