mirror of https://github.com/mkerrisk/man-pages
clone.2: Remove various details that are already covered in namespaces pages
Remove details of UTS, IPC, and network namespaces that are already covered in the corresponding namespaces pages in section 7. This change is for consistency, since corresponding details were not provided for other namespace types in clone(2) and these details do not appear in unshare(2). Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
This commit is contained in:
Michael Kerrisk
parent
4791ea7fda
commit
d2799a466c
51
man2/clone.2
51
man2/clone.2
|
|
@ -457,26 +457,6 @@ If this flag is not set, then (as with
|
|||
the process is created in the same IPC namespace as
|
||||
the calling process.
|
||||
.IP
|
||||
An IPC namespace provides an isolated view of System\ V IPC objects (see
|
||||
.BR sysvipc (7))
|
||||
and (since Linux 2.6.30)
|
||||
.\" commit 7eafd7c74c3f2e67c27621b987b28397110d643f
|
||||
.\" https://lwn.net/Articles/312232/
|
||||
POSIX message queues
|
||||
(see
|
||||
.BR mq_overview (7)).
|
||||
The common characteristic of these IPC mechanisms is that IPC
|
||||
objects are identified by mechanisms other than filesystem
|
||||
pathnames.
|
||||
.IP
|
||||
Objects created in an IPC namespace are visible to all other processes
|
||||
that are members of that namespace,
|
||||
but are not visible to processes in other IPC namespaces.
|
||||
.IP
|
||||
When an IPC namespace is destroyed
|
||||
(i.e., when the last process that is a member of the namespace terminates),
|
||||
all IPC objects in the namespace are automatically destroyed.
|
||||
.IP
|
||||
Only a privileged process
|
||||
.RB ( CAP_SYS_ADMIN )
|
||||
can employ
|
||||
|
|
@ -499,26 +479,6 @@ If this flag is not set, then (as with
|
|||
the process is created in the same network namespace as
|
||||
the calling process.
|
||||
.IP
|
||||
A network namespace provides an isolated view of the networking stack
|
||||
(network device interfaces, IPv4 and IPv6 protocol stacks,
|
||||
IP routing tables, firewall rules, the
|
||||
.I /proc/net
|
||||
and
|
||||
.I /sys/class/net
|
||||
directory trees, sockets, etc.).
|
||||
A physical network device can live in exactly one
|
||||
network namespace.
|
||||
A virtual network
|
||||
.RB ( veth (4))
|
||||
device pair provides a pipe-like abstraction
|
||||
that can be used to create tunnels between network namespaces,
|
||||
and can be used to create a bridge to a physical network device
|
||||
in another namespace.
|
||||
.IP
|
||||
When a network namespace is freed
|
||||
(i.e., when the last process in the namespace terminates),
|
||||
its physical network devices are moved back to the
|
||||
initial network namespace (not to the parent of the process).
|
||||
For further information on network namespaces, see
|
||||
.BR network_namespaces (7).
|
||||
.IP
|
||||
|
|
@ -641,17 +601,6 @@ If this flag is not set, then (as with
|
|||
the process is created in the same UTS namespace as
|
||||
the calling process.
|
||||
.IP
|
||||
A UTS namespace is the set of identifiers returned by
|
||||
.BR uname (2);
|
||||
among these, the domain name and the hostname can be modified by
|
||||
.BR setdomainname (2)
|
||||
and
|
||||
.BR sethostname (2),
|
||||
respectively.
|
||||
Changes made to the identifiers in a UTS namespace
|
||||
are visible to all other processes in the same namespace,
|
||||
but are not visible to processes in other UTS namespaces.
|
||||
.IP
|
||||
Only a privileged process
|
||||
.RB ( CAP_SYS_ADMIN )
|
||||
can employ
|
||||
|
|
|
|||
Loading…
Reference in New Issue