user_namespaces.7: Improve explanation of meaning of ownership of nonuser namespaces

Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
Michael Kerrisk 2019-08-20 09:56:33 +02:00
parent c031ffcc56
commit 18b028be2d
1 changed files with 3 additions and 2 deletions

@ -310,8 +310,9 @@ capability in the caller's user namespace.
When a nonuser namespace is created,
it is owned by the user namespace in which the creating process
was a member at the time of the creation of the namespace.
Actions on the nonuser namespace
require capabilities in the corresponding user namespace.
Privileged operations on resources governed by the nonuser namespace
require that the process has the necessary capabilities
in the user namespace that owns the nonuser namespace.
.PP
If
.BR CLONE_NEWUSER
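
Review bot: In the replacement sentence ("Privileged operations on resources governed by the nonuser namespace ..."), the phrase "the necessary capabilities" leaves the reader to work out which capability applies to which resource. Consider adding one concrete case, or a pointer to the pages for the individual namespace types, so the ownership rule can be checked against a real operation. The sentence just above already defines the owner as the user namespace the creating process was a member of, so "in the user namespace that owns the nonuser namespace" could be tightened to "in the owning user namespace" and would avoid repeating "nonuser namespace" twice in one sentence.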