From f16c7698e25ad1936c9bee6e1f99e74be70c4b9e Mon Sep 17 00:00:00 2001 From: Michael Kerrisk Date: Tue, 1 Jan 2013 04:11:15 +0100 Subject: [PATCH] setns.2: Clarify wording in CLONE_NEWPID discussion Signed-off-by: Michael Kerrisk --- man2/setns.2 | 17 ++++++++++------- 1 file changed, 10 insertions(+), 7 deletions(-) diff --git a/man2/setns.2 b/man2/setns.2 index b7a798c40..631635da3 100644 --- a/man2/setns.2 +++ b/man2/setns.2 @@ -80,15 +80,18 @@ and wants to ensure that the namespace is of a particular type. if the file descriptor was opened by another process and, for example, passed to the caller via a UNIX domain socket.) -The PID namespace is a little different. -Reassociating the calling -thread with a PID namespace only changes the PID namespace that the -child processes will be created in. - -Changing the PID namespace for child processes is only allowed if the +.B CLONE_NEWPID +behaves somewhat differently from the other +.I nstype +values: +reassociating the calling thread with a PID namespace only changes +the PID namespace that child processes of the caller will be created in; +it does not change the PID namespace of the caller itself. +Reassociating with a PID namespace is only allowed if the PID namespace specified by .IR fd -is a child PID namespace of the PID namespace of the caller. +is a descendant (child, grandchild, etc.) +PID namespace of the PID namespace of the caller. A multi-threaded process may not change user namespace with .BR setns ().