namespaces.7: Briefly explain why CAP_SYS_ADMIN is needed to create nonuser namespaces

Reported-by: Tycho Kirchner <tychokirchner@mail.de>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
Michael Kerrisk 2018-10-31 08:39:02 +01:00
parent 29af6f1a59
commit d45e85a94b
1 changed files with 4 additions and 1 deletions

@ -109,7 +109,10 @@ and
.BR unshare (2)
in most cases requires the
.BR CAP_SYS_ADMIN
capability.
capability, since, in the new namespace,
the creator will have the power to change global resources
that are visible to other processes that are subsequently created in,
or join the same namespace.
User namespaces are the exception: since Linux 3.8,
no privilege is required to create a user namespace.
.\"
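Review bot: The tail of the added sentence, "that are subsequently created in, or join the same namespace", has an unpaired comma and a non-parallel verb pair ("are created in" / "join"), so it is hard to parse on first reading. Suggest "that are subsequently created in, or join, the same namespace", or "processes that are subsequently created in, or that later join, the namespace". A second, smaller point on the same sentence: "global resources" placed right after "in the new namespace" can be read as resources outside the namespace. If the intent is the namespace's own instance of a resource, wording such as "resources that are visible to other processes ..." without "global" would avoid the ambiguity.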