LDP
/
man-pages
mirror of https://github.com/mkerrisk/man-pages
0
1
Fork 0
Code Releases Activity

capabilities.7: Document the 'no_file_caps' kernel command-line option 

Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
This commit is contained in:
Michael Kerrisk 2019-02-12 10:15:35 +01:00
parent 962f9d0969
commit f6acfeb8f8
1 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
man7/capabilities.7
View File

@ -1134,6 +1134,11 @@ the capability transitions described above may
be performed (i.e., file capabilities may be ignored) for the same reasons be performed (i.e., file capabilities may be ignored) for the same reasons
that the set-user-ID and set-group-ID bits are ignored; see that the set-user-ID and set-group-ID bits are ignored; see
.BR execve (2). .BR execve (2).
.IR Note :
if the kernel was booted with the
.I no_file_caps
option, then file capabilities are ignored (treated as empty)
during the capability transitions described above.
.PP .PP
.IR Note : .IR Note :
according to the rules above, according to the rules above,