setns.2: ffix: add some paragraph breaks

Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2018-05-16 22:35:33 +02:00 · 2018-05-16 22:35:33 +02:00 · 2e4a22de93
parent 8e23f12b17
commit 2e4a22de93
1 changed files with 6 additions and 0 deletions
--- a/man2/setns.2
+++ b/man2/setns.2
@ -112,14 +112,17 @@ capability in the target user namespace.
 Upon successfully joining a user namespace,
 a process is granted all capabilities in that namespace,
 regardless of its user and group IDs.
+.IP
 A multithreaded process may not change user namespace with
 .BR setns ().
+.IP
 It is not permitted to use
 .BR setns ()
 to reenter the caller's current user namespace.
 This prevents a caller that has dropped capabilities from regaining
 those capabilities via a call to
 .BR setns ().
+.IP
 For security reasons,
 .\" commit e66eded8309ebf679d3d3c1f5820d1f2ca332c71
 .\" https://lwn.net/Articles/543273/
@ -129,6 +132,7 @@ filesystem-related attributes
 .BR clone (2)
 .B CLONE_FS
 flag) with another process.
+.IP
 For further details on user namespaces, see
 .BR user_namespaces (7).
 .TP
@ -136,6 +140,7 @@ Mount namespaces
 A process may not be reassociated with a new mount namespace if it is
 multithreaded.
 .\" Above check is in fs/namespace.c:mntns_install() [3.8 source]
+.IP
 Changing the mount namespace requires that the caller possess both
 .B CAP_SYS_CHROOT
 and
@ -143,6 +148,7 @@ and
 capabilities in its own user namespace and
 .BR CAP_SYS_ADMIN
 in the the user namespace that owns the target mount namespace.
+.IP
 See
 .BR user_namespaces (7)
 for details on the interaction of user namespaces and mount namespaces.