mirror of https://github.com/mkerrisk/man-pages
user_namespaces.7: Say a little less about execve(2) and user ID mappings
The existing discussion under user and group ID mappings probably suffices. Reported-by: Eric W. Biederman <ebiederm@xmission.com> Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
This commit is contained in:
parent
0ea90cb46d
commit
6c21c0f947
|
@ -132,12 +132,7 @@ Note that a call to
|
|||
.BR execve (2)
|
||||
will cause a process to lose any capabilities that it has,
|
||||
unless it has a user ID of 0 within the namespace.
|
||||
Thus, before calling
|
||||
.BR execve (2),
|
||||
a user ID mapping for ID 0 must be defined,
|
||||
and the caller may also need to use
|
||||
.BR setuid (2)
|
||||
or similar to set its user ID to 0.
|
||||
See the discussion of user and group ID mappings, below.
|
||||
|
||||
A call to
|
||||
.BR clone (2),
|
||||
|
|
Loading…
Reference in New Issue