LDP
/
man-pages
mirror of https://github.com/mkerrisk/man-pages
0
1
Fork 0
Code Releases Activity

Changes: Ready for 3.82 

Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
This commit is contained in:
Michael Kerrisk 2015-03-29 18:49:01 +02:00
parent 661824b409
commit b10a1929c3
1 changed files with 717 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

725
Changes
View File

@ -1,6 +1,34 @@
==================== Changes in man-pages-3.82 ====================
Released: ????-??-??, Munich
Released: ????-??-??, Paris
Eric W. Biederman <ebiederm@xmission.com>
Heinrich Schuchardt <xypron.glpk@gmx.de>
Jakub Wilk <ubanus@users.sf.net>
Jann Horn <jann@thejh.net>
Jason Vas Dias <jason.vas.dias@gmail.com>
Josh Triplett <josh@joshtriplett.org>
J William Piggott <elseifthen@gmx.com>
Kees Cook <keescook@chromium.org>
Konstantin Shemyak <konstantin@shemyak.com>
Ma Shimiao <mashimiao.fnst@cn.fujitsu.com>
Matt Turner <mattst88@gmail.com>
Michael Kerrisk <mtk.manpages@gmail.com>
Michael Witten <mfwitten@gmail.com>
Mikael Pettersson <mikpelinux@gmail.com>
Namhyung Kim <namhyung@gmail.com>
Nicolas FRANCOIS <nicolas.francois@centraliens.net>
Paul E Condon <pecondon@mesanetworks.net>
Peter Adkins <peter.adkins@kernelpicnic.net>
Scot Doyle <lkml14@scotdoyle.com>
Shawn Landden <shawn@churchofgit.com>
Stéphane Aulery <saulery@free.fr>
Stephen Smalley <sds@tycho.nsa.gov>
Taisuke Yamada <tai@rakugaki.org>
Torvald Riegel <triegel@redhat.com>
Vincent Lefevre <vincent@vinc17.net>
<ygrex@ygrex.ru>
Yuri Kozlov <yuray@komyakino.ru>
Contributors
@ -10,6 +38,40 @@ The following people contributed patches/fixes or (noted in brackets
in the changelog below) reports, notes, and ideas that have been
incorporated in changes in this release:
Alban Crequy <alban.crequy@gmail.com>
Andy Lutomirski <luto@amacapital.net>
Bert Wesarg <bert.wesarg@googlemail.com>
Bill Pemberton <wfp5p@worldbroken.com>
Chris Delozier <c.s.delozier@gmail.com>
David Madore <david.madore@ens.fr>
Dmitry Deshevoy <mityada@gmail.com>
Eric W. Biederman <ebiederm@xmission.com>
Heinrich Schuchardt <xypron.glpk@gmx.de>
Jakub Wilk <ubanus@users.sf.net>
Jann Horn <jann@thejh.net>
Jason Vas Dias <jason.vas.dias@gmail.com>
Josh Triplett <josh@joshtriplett.org>
J William Piggott <elseifthen@gmx.com>
Kees Cook <keescook@chromium.org>
Konstantin Shemyak <konstantin@shemyak.com>
Ma Shimiao <mashimiao.fnst@cn.fujitsu.com>
Matt Turner <mattst88@gmail.com>
Michael Kerrisk <mtk.manpages@gmail.com>
Michael Witten <mfwitten@gmail.com>
Mikael Pettersson <mikpelinux@gmail.com>
Namhyung Kim <namhyung@gmail.com>
Nicolas FRANCOIS <nicolas.francois@centraliens.net>
Paul E Condon <pecondon@mesanetworks.net>
Peter Adkins <peter.adkins@kernelpicnic.net>
Scot Doyle <lkml14@scotdoyle.com>
Shawn Landden <shawn@churchofgit.com>
Stéphane Aulery <saulery@free.fr>
Stephen Smalley <sds@tycho.nsa.gov>
Taisuke Yamada <tai@rakugaki.org>
Torvald Riegel <triegel@redhat.com>
Vincent Lefevre <vincent@vinc17.net>
<ygrex@ygrex.ru>
Yuri Kozlov <yuray@komyakino.ru>
Apologies if I missed anyone!
@ -17,19 +79,666 @@ Apologies if I missed anyone!
New and rewritten pages
-----------------------
nptl.7
Michael Kerrisk
New page with details of the NPTL POSIX threads implementation
Newly documented interfaces in existing pages
---------------------------------------------
New and changed links
---------------------
Global changes
--------------
user_namespaces.7
Eric W. Biederman [Michael Kerrisk]
Document /proc/[pid]/setgroups
Changes to individual pages
---------------------------
intro.1
Stéphane Aulery
Prompt is not % but $
Stéphane Aulery
Various improvements
- Add reference to other common shells dash(1), ksh(1)
- Add a reference to stdout(3)
- Separate cp and mv descriptions
- Add examples of special cases of cd
- Add su(1) and shutdown(8) references for section Logout
and poweroff
- Move Control-D to section Logout and poweroff
- Fix some little formatting errors
Stéphane Aulery
Add cross references cited
Stéphane Aulery
Order SEE ALSO section
clone.2
Josh Triplett
Document that clone() silently ignores CLONE_PID and CLONE_STOPPED
Normally, system calls return EINVAL for flags they don't support.
Explicitly document that clone does *not* produce an error for
these two obsolete flags.
Michael Kerrisk
Small rewording of explanation of clone() wrt threads
Clone has so many effects that it's an oversimplification to say
that the *main* use of clone is to create a thread. (In fact,
the use of clone() to create new processes may well be more
common, since glibc's fork() is a wrapper that calls clone().)
getgroups.2
Michael Kerrisk [Shawn Landden]
Add discussion of NPTL credential-changing mechanism
At the kernel level, credentials (UIDs and GIDs) are a per-thread
attribute. NPTL uses a signal-based mechanism to ensure that
when one thread changes its credentials, all other threads change
credentials to the same values. By this means, the NPTL
implementation conforms to the POSIX requirement that the threads
in a process share credentials.
Michael Kerrisk
ERRORS: add EPERM for the case where /proc/PID/setgroups is "deny"
Michael Kerrisk
Note capability associated with EPERM error for setgroups(2)
Michael Kerrisk
Refer reader to user_namespaces(7) for discussion of /proc/PID/setgroups
The discussion of /proc/PID/setgroups has moved from
proc(5) to user_namespaces(7).
getpid.2
Michael Kerrisk
Note that getppid() returns 0 if parent is in different PID namespace
getsockopt.2
Konstantin Shemyak
Note RETURN VALUE details when netfilter is involved
ioctl_list.2
Heinrich Schuchardt
SEE ALSO ioctl_fat.2
Add FAT_IOCTL_GET_VOLUME_ID
SEE ALSO ioctl_fat.2
Heinrich Schuchardt
include/linux/ext2_fs.h
Include linux/ext2_fs.h does not contain any ioctl definitions
anymore.
Request codes EXT2_IOC* have been replaced by FS_IOC* in
linux/fs.h.
Some definitions of FS_IOC_* use long* but the actual code expects
int* (see fs/ext2/ioctl.c).
msgop.2
Bill Pemberton
Remove EAGAIN as msgrcv() errno
The list of errnos for msgrcv() lists both EAGAIN and ENOMSG as
the errno for no message available with the IPC_NOWAIT flag.
ENOMSG is the errno that will be set.
Bill Pemberton
Add an example program
open.2
Michael Kerrisk [Jason Vas Dias]
Mention blocking semantics for FIFO opens
See https://bugzilla.kernel.org/show_bug.cgi?id=95191
seccomp.2
Jann Horn [Kees Cook, Mikael Pettersson, Andy Lutomirski]
Add note about alarm(2) not being sufficient to limit runtime
Jann Horn
Explain blacklisting problems, expand example
Michael Kerrisk [Kees Cook]
Add mention of libseccomp
setgid.2
Michael Kerrisk
Clarify that setgid() changes all GIDs when caller has CAP_SETGID
Michael Kerrisk [Shawn Landden]
Add discussion of NPTL credential-changing mechanism
At the kernel level, credentials (UIDs and GIDs) are a per-thread
attribute. NPTL uses a signal-based mechanism to ensure that
when one thread changes its credentials, all other threads change
credentials to the same values. By this means, the NPTL
implementation conforms to the POSIX requirement that the threads
in a process share credentials.
setresuid.2
Michael Kerrisk [Shawn Landden]
Add discussion of NPTL credential-changing mechanism
At the kernel level, credentials (UIDs and GIDs) are a per-thread
attribute. NPTL uses a signal-based mechanism to ensure that
when one thread changes its credentials, all other threads change
credentials to the same values. By this means, the NPTL
implementation conforms to the POSIX requirement that the threads
in a process share credentials.
setreuid.2
Michael Kerrisk [Shawn Landden]
Add discussion of NPTL credential-changing mechanism
At the kernel level, credentials (UIDs and GIDs) are a per-thread
attribute. NPTL uses a signal-based mechanism to ensure that
when one thread changes its credentials, all other threads change
credentials to the same values. By this means, the NPTL
implementation conforms to the POSIX requirement that the threads
in a process share credentials.
Michael Kerrisk
SEE ALSO: add credentials(7)
setuid.2
Michael Kerrisk
Clarify that setuid() changes all UIDs when caller has CAP_SETUID
Michael Kerrisk [Shawn Landden]
Add discussion of NPTL credential-changing mechanism
At the kernel level, credentials (UIDs and GIDs) are a per-thread
attribute. NPTL uses a signal-based mechanism to ensure that
when one thread changes its credentials, all other threads change
credentials to the same values. By this means, the NPTL
implementation conforms to the POSIX requirement that the threads
in a process share credentials.
sigaction.2
Michael Kerrisk
Add discussion of rt_sigaction(2)
Michael Kerrisk
Note treatment of signals used internally by NPTL
The glibc wrapper gives an EINVAL error on attempts to change the
disposition of either of the two real-time signals used by NPTL.
sigpending.2
Michael Kerrisk
Add discussion of rt_sigpending(2)
sigprocmask.2
Michael Kerrisk
Add discussion of rt_sigprocmask(2)
Michael Kerrisk
Note treatment of signals used internally by NPTL
The glibc wrapper silently ignores attempts to block the two
real-time signals used by NPTL.
sigreturn.2
Michael Kerrisk
Add discussion of rt_sigreturn(2)
sigsuspend.2
Michael Kerrisk
Add discussion of rt_sigsuspend(2)
sigwaitinfo.2
Michael Kerrisk
Note treatment of signals used internally by NPTL
The glibc wrappers silently ignore attempts to wait for
signals used by NPTL.
Michael Kerrisk
Add discussion of rt_sigtimedwait(2)
socket.2
Heinrich Schuchardt
SEE ALSO close(2)
The description mentions close(2). Hence it should also be
referenced in the SEE ALSO section.
syscall.2
Jann Horn
Add x32 ABI
umount.2
Eric W. Biederman
Document the effect of shared subtrees on umount(2)
Eric W. Biederman
Correct the description of MNT_DETACH
I recently realized that I had been reasoning improperly about
what umount(MNT_DETACH) did based on an insufficient description
in the umount.2 man page, that matched my intuition but not the
implementation.
When there are no submounts, MNT_DETACH is essentially harmless to
applications. Where there are submounts, MNT_DETACH changes what
is visible to applications using the detach directories.
Michael Kerrisk
Move "shared mount + umount" text to a subsection in NOTES
aio_return.3
Stéphane Aulery
Document the return value on error
Reported by Alexander Holler <holler@ahsoftware.de>
clock.3
Stéphane Aulery
CLOCKS_PER_SEC = 1000000 is required by XSI, not POSIX
Debian Bug #728213 reported by Tanaka Akira <akr@fsij.org>
See https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=728213
dlopen.3
Michael Kerrisk
Amend error in description of dlclose() behavior
The current text says that unloading depends on whether
the reference count falls to zero *and no other libraries
are using symbols in this library*. That latter text has
been there since man-pages-1.29, but it seems rather dubious.
How could the implementation know whether other libraries
are still using symbols in this library? Furthermore, no
other implementation's man page mentions this point.
Seems best to drop this point.
Michael Kerrisk
Add some details for RTLD_DEFAULT
Michael Kerrisk
Add some details on RTLD_NEXT and preloading
Michael Kerrisk
RTLD_NEXT works for symbols generally, not just functions
The common use case is for functions, but RTLD_NEXT
also applies to variable symbols.
Michael Kerrisk
dlclose() recursively closes dependent libraries
Note that dlclose() recursively closes dependent libraries
that were loaded by dlopen()
Michael Kerrisk
Rename second dlopen() argument from "flag" to "flags"
This is more consistent with other such arguments
Michael Kerrisk
Reformat text on RTLD_DEFAULT and RTLD_NEXT
fmemopen.3
Ma Shimiao
ATTRIBUTES: Note functions that are thread-safe
The markings match glibc markings.
fpathconf.3
Ma Shimiao
ATTRIBUTES: Note functions that are thread-safe
The marking matches glibc marking.
fputwc.3
Ma Shimiao
ATTRIBUTES: Note functions that are thread-safe
The marking matches glibc marking.
fputws.3
Ma Shimiao
ATTRIBUTES: Note function that is thread-safe
The marking matches glibc marking.
fseek.3
Ma Shimiao
ATTRIBUTES: Note functions that are thread-safe
The markings match glibc markings.
fseeko.3
Ma Shimiao
ATTRIBUTES: Note functions that are thread-safe
The markings match glibc markings.
gcvt.3
Ma Shimiao
ATTRIBUTES: Note function that is thread-safe
The marking matches glibc marking.
getline.3
Ma Shimiao
ATTRIBUTES: Note functions that are thread-safe
The marking matches glibc marking.
getwchar.3
Ma Shimiao
ATTRIBUTES: Note function that is thread-safe
The marking matches glibc marking.
hypot.3
Ma Shimiao
ATTRIBUTES: Note functions that are thread-safe
The markings match glibc markings.
iconv_open.3
Ma Shimiao
ATTRIBUTES: Note function that is thread-safe
The marking matches glibc marking.
if_nameindex.3
Ma Shimiao
ATTRIBUTES: Note functions that are thread-safe
The markings match glibc markings.
initgroups.3
Ma Shimiao
ATTRIBUTES: Note function that is thread-safe
The markings match glibc markings.
mq_open.3
Torvald Riegel
Add EINVAL error case for invalid name
This behavior is implementation-defined by POSIX. If the name
doesn't start with a '/', glibc returns EINVAL without attempting
the syscall.
popen.3
Ma Shimiao
ATTRIBUTES: Note functions that are thread-safe
The marking matches glibc marking.
pthread_kill.3
Michael Kerrisk
Note treatment of signals used internally by NPTL
The glibc pthread_kill() function gives an error on attempts
to send either of the real-time signals used by NPTL.
pthread_sigmask.3
Michael Kerrisk
Note treatment of signals used internally by NPTL
The glibc implementation silently ignores attempts to block the two
real-time signals used by NPTL.
pthread_sigqueue.3
Michael Kerrisk
Note treatment of signals used internally by NPTL
The glibc pthread_sigqueue() function gives an error on attempts
to send either of the real-time signals used by NPTL.
resolver.3
Stéphane Aulery [Jakub Wilk]
Document missing options used by _res structure indicate defaults
Missing options: RES_INSECURE1, RES_INSECURE2, RES_NOALIASES,
USE_INET6, ROTATE, NOCHECKNAME, RES_KEEPTSIG, BLAST, USEBSTRING,
NOIP6DOTINT, USE_EDNS0, SNGLKUP, SNGLKUPREOP, RES_USE_DNSSEC,
NOTLDQUERY, DEFAULT
Written from the glibc source and resolv.conf.5.
See https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=527136
Stéphane Aulery
RES_IGNTC is implemented
rint.3
Matt Turner
Document that halfway cases are rounded to even
Per IEEE-754 rounding rules.
The round(3) page describes the behavior of rint and nearbyint
in the halfway cases by saying:
These functions round x to the nearest integer, but round
halfway cases away from zero [...], instead of to the
nearest even integer like rint(3)
sigqueue.3
Michael Kerrisk
NOTES: add "C library/kernel ABI differences" subheading
Michael Kerrisk
Clarify version info (mention rt_sigqueueinfo())
sigsetops.3
Michael Kerrisk
Note treatment of signals used internally by NPTL
The glibc sigfillset() function excludes the two real-time
signals used by NPTL.
sigwait.3
Michael Kerrisk
Note treatment of signals used internally by NPTL
The glibc sigwait() silently ignore attempts to wait for
signals used by NPTL.
strcoll.3
Ma Shimiao
ATTRIBUTES: Note function that is thread-safe
The markings match glibc markings.
strdup.3
Ma Shimiao
ATTRIBUTES: Note functions that are thread-safe
The marking matches glibc marking.
tzset.3
J William Piggott
Add 'std' quoting information
ulimit.3
Ma Shimiao
ATTRIBUTES: Note function that is thread-safe
The marking matches glibc marking.
wcstombs.3
Ma Shimiao
ATTRIBUTES: Note function that is thread-safe
The marking matches glibc marking.
wctob.3
Ma Shimiao
ATTRIBUTES: Note function that is thread-safe
The marking matches glibc marking.
xdr.3
Taisuke Yamada
Clarified incompatibility and correct usage of XDR API
See http://bugs.debian.org/628099
console_codes.4
Scot Doyle
Add Console Private CSI sequence 15
An undocumented escape sequence in drivers/tty/vt/vt.c brings the
previously accessed virtual terminal to the foreground.
mtk: Patch misattributed to Taisuke Yamada in Git commit
because of a muck up on my part.
Michael Kerrisk
Add kernel version number for CSI sequence 15
random.4
Michael Kerrisk
Fix permissions shown for the devices
These days, the devices are RW for everyone.
filesystems.5
Michael Kerrisk
Remove dubious claim about comparative performance of ext2
Perhaps it was the best filesystem performance-wise in
the 20th century, when that text was written. That probably
ceased to be true quite a long time ago, though.
Stéphane Aulery
Add cross references for ext filesystems
Stéphane Aulery
Specifies the scope of this list and its limits.
host.conf.5
hosts.5
resolv.conf.5
Stéphane Aulery [Paul E Condon]
Cross references of these pages.
See https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=298259
host.conf.5
Stéphane Aulery
Rework discussion of nospoof, spoofalert, spoof and RESOLV_SPOOF_CHECK
The keywords and environment variables "nospoof", "spoofalert",
"spoof" and RESOLV_SPOOF_CHECK were added to glibc 2.0.7 but
never implemented
Move descriptions to historical section and reorder it for clarity
See https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773443
hosts.5
Stéphane Aulery [Vincent Lefevre]
Mention 127.0.1.1 for FQDN and IPv6 examples
See https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=562890
proc.5
Taisuke Yamada
Document /proc/PID/status VmPin field
See https://bugs.launchpad.net/bugs/1071746
Michael Kerrisk
Document (the obsolete) /proc/PID/seccomp
Michael Kerrisk
Replace description of 'uid_map' with a reference to user_namespaces(7)
All of the information in proc(5) was also present in
user_namespaces(7), but the latter was more detailed
and up to date.
Taisuke Yamada
Fix SELinux /proc/pid/attr/current example
Since the /proc/pid/attr API was added to the kernel, there
have been a couple of changes to the SELinux handling of
/proc/pid/attr/current. Fix the SELinux /proc/pid/attr/current
example text to reflect these changes and note which kernel
versions first included the changes.
securetty.5
Stéphane Aulery [Nicolas FRANCOIS]
Note that the pam_securetty module also uses this file
See https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=528015
This patch is a modified version of the one proposed without
parts specific to Debian.
boot.7
Michael Witten
Copy edit
While a lot of the changes are issues of presentation,
there are also issues of grammar and punctuation.
Michael Witten
Mention `systemd(1)' and its related `bootup(7)'
It's important that the reader receive contemporary information.
credentials.7
Michael Kerrisk
SEE ALSO: add pthreads(7)
Michael Kerrisk
Add reference to nptl(7)
feature_test_macros.7
Michael Kerrisk
Update discussion of _FORTIFY_SOURCE
Since the initial implementation a lot more checks were added.
Describe all the checks would be too verbose (and would soon
fall out of date as more checks are added). So instead, describe
the kinds of checks that are done more generally.
Also a few other minor edits to the text.
hier.7
Stéphane Aulery
First patch of a series to achieve compliance with FHS 2.3
Stéphane Aulery
SGML and XML directories are separated in FHS 2.3
Stéphane Aulery
Add missing directories defined by FHS 2.3
Stéphane Aulery
Identify which directories are optional
Stéphane Aulery
Document /initrd, /lost+found and /sys
Ubuntu Bug #70094 reported by Brian Beck
https://bugs.launchpad.net/ubuntu/+source/manpages/+bug/70094
Stéphane Aulery
Explain YP, which is not obvious
ipv6.7
Stéphane Aulery [David Madore]
SOL_IPV6 and other SOL_* options socket are not portable
See https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=472447
man-pages.7
Michael Kerrisk [Bill Pemberton]
Add indent(1) command that produces desired formatting for example code
Stéphane Aulery
Improve description of sections in accordance with intro pages
packet.7
Michael Kerrisk
Rework description of fanout algorithms as list
Michael Kerrisk
Remove mention of needing UID 0 to create packet socket
The existing text makes no sense. The check is based
purely on a capability check. (Kernel function
net/packet/af_packet.c::packet_create()
Michael Kerrisk
Remove text about ancient glibc not defining SOL_PACKET
This was fixed in glibc 2.1.1, which is a long while ago.
And in any case, there is nothing special about this case;
it's just one of those times when glibc lags.
Michael Kerrisk
Rework description of 'sockaddr_ll' fields as a list
Michael Kerrisk
Various minor edits
pthreads.7
Michael Kerrisk
Add references to nptl(7)
raw.7
Michael Kerrisk
Rephrase "Linux 2.2" language to "Linux 2.2 or later"
The man page was written in the LInux 2.2 timeframe, and
some phrasing was not future-proof.
signal.7
Michael Kerrisk
Note when Linux added realtime signals
Michael Kerrisk
Correct the range of realtime signals
Michael Kerrisk
Summarize 2.2 system call changes that resulted from larger signal sets
Michael Kerrisk
SEE ALSO: add nptl(7)
tcp.7
Peter Adkins
Document removal of TCP_SYNQ_HSIZE
Looking over the man page for 'tcp' I came across a reference to
tuning the 'TCP_SYNQ_HSIZE' parameter when increasing
'tcp_max_syn_backlog' above 1024. However, this static sizing was
removed back in Linux 2.6.20 in favor of dynamic scaling - as
part of commit 72a3effaf633bcae9034b7e176bdbd78d64a71db.
user_namespaces.7
Eric W. Biederman
Update the documentation to reflect the fixes for negative groups
Files with access permissions such as rwx---rwx give fewer
permissions to their group then they do to everyone else. Which
means dropping groups with setgroups(0, NULL) actually grants a
process privileges.
The unprivileged setting of gid_map turned out not to be safe
after this change. Privileged setting of gid_map can be
interpreted as meaning yes it is ok to drop groups. [ Eric
additionally noted: Setting of gid_map with privilege has been
clarified to mean that dropping groups is ok. This allows
existing programs that set gid_map with privilege to work
without changes. That is, newgidmap(1) continues to work
unchanged.]
To prevent this problem and future problems, user namespaces were
changed in such a way as to guarantee a user can not obtain
credentials without privilege that they could not obtain without
the help of user namespaces.
This meant testing the effective user ID and not the filesystem
user ID, as setresuid(2) and setregid(2) allow setting any process
UID or GID (except the supplementary groups) to the effective ID.
Furthermore, to preserve in some form the useful applications
that have been setting gid_map without privilege, the file
/proc/[pid]/setgroups was added to allow disabling setgroups(2).
With setgroups(2) permanently disabled in a user namespace, it
again becomes safe to allow writes to gid_map without privilege.
Michael Kerrisk
Rework some text describing permission rules for updating map files
No (intentional) change to the facts, but this restructuring
should make the meaning easier to grasp.
Michael Kerrisk
Update kernel version associated with 5-line limit for map files
As at Linux 3.18, the limit is still five lines, so mention the
more recent kernel version in the text.
Michael Kerrisk [Alban Crequy]
Handle /proc/PID/setgroups in the example program
Michael Kerrisk
Rework text describing restrictions on updating /proc/PID/setgroups
No (intentional) changes to factual description, but the
restructured text is hopefully easier to grasp.
Michael Kerrisk
Explain why the /proc/PID/setgroups file was added
ldconfig.8
Michael Kerrisk
Note use of /lib64 and /usr/lib64 on some 64-bit architectures
ld.so.8
Michael Kerrisk
Note the use of /lib64 and /usr/lib64 on some 64-bit architectures