From c0b75059090d284bc0b5b5af83fd959e7206cb2f Mon Sep 17 00:00:00 2001 From: Michael Kerrisk Date: Thu, 16 Oct 2008 17:27:10 +0200 Subject: [PATCH] tty_ioctl.4: Explain capability requirements for various ioctls For TIOCSLCKTRMIOS, TIOCSCTTY, TIOCEXCL, explain the exact capability that is required (the text formerly just said "root" in each case). Signed-off-by: Michael Kerrisk --- man4/tty_ioctl.4 | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/man4/tty_ioctl.4 b/man4/tty_ioctl.4 index f9420cc03..d829928e2 100644 --- a/man4/tty_ioctl.4 +++ b/man4/tty_ioctl.4 @@ -85,7 +85,9 @@ structure of the terminal. Sets the locking status of the .I termios structure of the terminal. -Only root can do this. +Only root (more precisely: a process with the +.BR CAP_SYS_ADMIN +capability) can do this. .SS "Get and Set Window Size" Window sizes are kept in the kernel, but not used by the kernel (except in the case of virtual consoles, where the kernel will @@ -233,7 +235,9 @@ controlling tty already. If this tty is already the controlling tty of a different session group then the ioctl fails with .BR EPERM , -unless the caller is root and +unless the caller is root (more precisely: has the +.BR CAP_SYS_ADMIN +capability) and .I arg equals 1, in which case the tty is stolen, and all processes that had it as controlling tty lose it. @@ -277,7 +281,9 @@ No further operations on the terminal are permitted. (They will fail with .BR EBUSY , -except for root.) +except for root, that is, a process with the +.BR CAP_SYS_ADMIN +capability.) .TP .B "TIOCNXCL void" Disable exclusive mode.