user_namespaces.7: Explain uid_map and gid_map in the initial user namespace

Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2013-03-01 16:31:19 +01:00 · 2013-03-01 16:31:19 +01:00 · 20e4a14719
parent 3e2a37ec85
commit 20e4a14719
1 changed files with 21 additions and 0 deletions
--- a/man7/user_namespaces.7
+++ b/man7/user_namespaces.7
@ -235,6 +235,27 @@ When a process retrieves file user and group IDs via
 .BR stat (2)
 the IDs are mapped in the opposite direction,
 to produce values relative to the process user and group ID mappings.
+
+The initial user namespace has no parent namespace,
+but, for consistency, the kernel provides dummy user and group
+ID mapping files for this namespace.
+Looking at the
+.I uid_map
+file (the
+.I gid_map
+is the same) from a shell in the initial namespace shows:
+
+.in +4n
+.nf
+$ \fBcat /proc/$$/uid_map\fP
+         0          0 4294967295
+.fi
+.in
+
+This mapping tells us
+that the range starting at user ID 0 in this namespace
+maps to a range starting at 0 in the (nonexistent) parent namespace,
+and the length of the range is the largest 32-bit unsigned integer.
 .\"
 .\" ============================================================
 .\"