packet.7: Clarify user namespace requirements for CAP_NET_RAW

Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-09-12 19:19:14 +01:00 · 2016-09-12 19:19:14 +01:00 · f71d155750
parent 47c906e5c4
commit f71d155750
1 changed files with 2 additions and 2 deletions
--- a/man7/packet.7
+++ b/man7/packet.7
@ -50,9 +50,9 @@ then all protocols are received.
 All incoming packets of that protocol type will be passed to the packet
 socket before they are passed to the protocols implemented in the kernel.

-Only processes with the
+In order to create a packet socket, a process must have the
 .B CAP_NET_RAW
-capability may open packet sockets.
+capability in the user namespace that governs its network namespace.

 .B SOCK_RAW
 packets are passed to and from the device driver without any changes in