mirror of https://github.com/mkerrisk/man-pages
user_namespaces.7: Improve explanation of meaning of ownership of nonuser namespaces
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
parent
c031ffcc56
commit
18b028be2d
|
@ -310,8 +310,9 @@ capability in the caller's user namespace.
|
|||
When a nonuser namespace is created,
|
||||
it is owned by the user namespace in which the creating process
|
||||
was a member at the time of the creation of the namespace.
|
||||
Actions on the nonuser namespace
|
||||
require capabilities in the corresponding user namespace.
|
||||
Privileged operations on resources governed by the nonuser namespace
|
||||
require that the process has the necessary capabilities
|
||||
in the user namespace that owns the nonuser namespace.
|
||||
.PP
|
||||
If
|
||||
.BR CLONE_NEWUSER
|
||||
|
|
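Review bot: In the replacement sentence, "the process" in "require that the process has the necessary capabilities" follows directly after "the creating process" in the preceding sentence, so it can be read as meaning only the process that created the namespace. Suggest "require that the calling process has the necessary capabilities" or "require that a process has ...", so the rule clearly applies to any process performing the operation. Separately, the old wording "Actions on the nonuser namespace" is replaced by "Privileged operations on resources governed by the nonuser namespace", which narrows the statement to the governed resources. If operations on the namespace itself are meant to follow the same ownership rule, a short sentence saying so would keep that case documented.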