mirror of https://github.com/mkerrisk/man-pages
user_namespaces.7: Remove discussion of flags that can't be used with CLONE_NEWUSER
That information is better put into individual pages. Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
This commit is contained in:
parent
5e72cf7d10
commit
f22abd505d
|
@ -541,37 +541,6 @@ flag, as described in
|
|||
.\"
|
||||
.\" ============================================================
|
||||
.\"
|
||||
.SS Restrictions with other CLONE_* flags
|
||||
.PP
|
||||
Various restrictions apply when specifying
|
||||
.BR CLONE_NEWUSER
|
||||
in calls to
|
||||
.BR clone (2)
|
||||
and
|
||||
.BR unshare (2).
|
||||
The restrictions are as follows:
|
||||
.IP * 3
|
||||
.BR CLONE_NEWUSER
|
||||
cannot be specified in conjunction with
|
||||
.BR CLONE_THREAD
|
||||
or
|
||||
.BR CLONE_PARENT .
|
||||
.IP *
|
||||
For security reasons,
|
||||
.\" commit e66eded8309ebf679d3d3c1f5820d1f2ca332c71
|
||||
.\" https://lwn.net/Articles/543273/
|
||||
.\" The fix actually went into 3.9 and into 3.8.3. However, user namespaces
|
||||
.\" were, for practical purposes, unusable in earlier 3.8.x because of the
|
||||
.\" various file systems that didn't support userns.
|
||||
.BR CLONE_NEWUSER
|
||||
cannot be specified in conjunction with
|
||||
.BR CLONE_FS .
|
||||
.PP
|
||||
The error in each of the above cases is
|
||||
.BR EINVAL .
|
||||
.\"
|
||||
.\" ============================================================
|
||||
.\"
|
||||
.SS Miscellaneous
|
||||
.PP
|
||||
When a process's user and group IDs are passed over a UNIX domain socket
|
||||
|
|
Loading…
Reference in New Issue