From ec411de6d5b71c82751fd57b164c15d5f2381db6 Mon Sep 17 00:00:00 2001
From: Michael Kerrisk <mtk.manpages@gmail.com>
Date: Fri, 1 Mar 2013 09:24:11 +0100
Subject: [PATCH] pid_namespaces.7: Other call sequences fail with multiple
 threads and CLONE_NEWPID

Reported-by: Eric W. Biederman <ebiederm@xmission.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
---
 man7/pid_namespaces.7 | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/man7/pid_namespaces.7 b/man7/pid_namespaces.7
index c51019905..12f690c4f 100644
--- a/man7/pid_namespaces.7
+++ b/man7/pid_namespaces.7
@@ -197,14 +197,20 @@ the parent of a process is either in the same namespace
 or resides in the immediate parent PID namespace.
 
 Every thread in a process must be in the same PID namespace.
-For this reason, the two following call sequences will fail:
+For this reason, the following call sequences will fail:
 
 .nf
     unshare(CLONE_NEWPID);
     clone(..., CLONE_VM, ...);    /* Fails */
 
+    clone(..., CLONE_VM, ...);
+    unshare(CLONE_NEWPID);        /* Fails */
+
     setns(fd, CLONE_NEWPID);
     clone(..., CLONE_VM, ...);    /* Fails */
+
+    clone(..., CLONE_VM, ...);
+    setns(fd, CLONE_NEWPID);      /* Fails */
 .fi
 
 Because the above