LDP
/
man-pages
mirror of https://github.com/mkerrisk/man-pages
0
1
Fork 0
Code Releases Activity

capabilities.7: Explain term "namespace root user ID" 

Confirmed with Serge Hallyn that: "nsroot" means the UID 0
in the namespace as it would be mapped into the initial userns.

Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
This commit is contained in:
Michael Kerrisk 2018-04-13 13:42:11 +02:00
parent 12dce73121
commit 7da0c87a78
1 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
man7/capabilities.7
View File

@ -962,9 +962,11 @@ with version 2 capabilities, but serve a different purpose:
to support namespaced file capabilities (described below).
As with version 2 file capabilities,
the capability masks are 64 bits in size.
In addition, the namespace root user ID is encoded in the
In addition, the root user ID of namespace is encoded in the
.I security.capability
extended attribute.
(A namespace's root user ID is the value that user ID 0
inside that namespace maps to in the initial user namespace.)
.\"
.SS Transformation of capabilities during execve()
.PP