mirror of https://github.com/mkerrisk/man-pages
user_namespaces.7: Additions from Andy Lutomirski
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
This commit is contained in:
parent
6cfec3d80a
commit
576233f00e
|
@ -215,6 +215,12 @@ and mount, PID, IPC, network, and UTS namespaces can be created with just the
|
||||||
.B CAP_SYS_ADMIN
|
.B CAP_SYS_ADMIN
|
||||||
capability in the caller's user namespace.
|
capability in the caller's user namespace.
|
||||||
|
|
||||||
|
When a non-user-namespace is created,
|
||||||
|
it is owned by the user namespace in which the creating process
|
||||||
|
was a member at the time of the creation of the namespace.
|
||||||
|
Actions on the non-user-namespace
|
||||||
|
require capabilities in the corresponding user namespace.
|
||||||
|
|
||||||
If
|
If
|
||||||
.BR CLONE_NEWUSER
|
.BR CLONE_NEWUSER
|
||||||
is specified along with other
|
is specified along with other
|
||||||
|
|
Loading…
Reference in New Issue