From 167f94b707148bcd46fe39c7d4ebfada9eed88f6 Mon Sep 17 00:00:00 2001 From: Michael Kerrisk Date: Tue, 27 Oct 2020 13:34:31 +0100 Subject: [PATCH] proc.5: Update capability requirements for accessing /proc/[pid]/map_files The requirements changed with kernel commit 12886f8ab10ce6. Signed-off-by: Michael Kerrisk --- man5/proc.5 | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) diff --git a/man5/proc.5 b/man5/proc.5 index 77ddd733f..488acd483 100644 --- a/man5/proc.5 +++ b/man5/proc.5 @@ -1261,9 +1261,16 @@ Until kernel version 4.3, this directory appeared only if the .B CONFIG_CHECKPOINT_RESTORE kernel configuration option was enabled. -Additionally, in those kernel versions, privilege -.RB ( CAP_SYS_ADMIN ) -was required to view the contents of this directory. +.IP +Capabilities are required to read the contents of the symbolic links in +this directory: before Linux 5.9, the reading process requires +.BR CAP_SYS_ADMIN +in the initial user namespace; +since Linux 5.9, the reading process must have either +.BR CAP_SYS_ADMIN +or +.BR CAP_CHECKPOINT_RESTORE +in the user namespace where it resides. .TP .I /proc/[pid]/maps A file containing the currently mapped memory regions and their access
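Review bot: In the added paragraph, "read the contents of the symbolic links in this directory" does not say which operation needs the capability: readlink(2) on an entry, or opening the mapped file through the link. Please name the operation, since the removed sentence spoke of viewing "the contents of this directory", which is a different thing again. The removed text also tied the CAP_SYS_ADMIN requirement to the kernels up to 4.3 mentioned just above it, and the new paragraph no longer says whether listing the directory was restricted in those kernels; if that still holds, it should be kept as its own sentence. Style point: each of the three added ".BR CAP_..." lines takes a single argument, so ".B" is the conventional macro there.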