mirror of https://github.com/mkerrisk/man-pages
packet.7: Clarify user namespace requirements for CAP_NET_RAW
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
This commit is contained in:
parent
47c906e5c4
commit
f71d155750
|
@ -50,9 +50,9 @@ then all protocols are received.
|
||||||
All incoming packets of that protocol type will be passed to the packet
|
All incoming packets of that protocol type will be passed to the packet
|
||||||
socket before they are passed to the protocols implemented in the kernel.
|
socket before they are passed to the protocols implemented in the kernel.
|
||||||
|
|
||||||
Only processes with the
|
In order to create a packet socket, a process must have the
|
||||||
.B CAP_NET_RAW
|
.B CAP_NET_RAW
|
||||||
capability may open packet sockets.
|
capability in the user namespace that governs its network namespace.
|
||||||
|
|
||||||
.B SOCK_RAW
|
.B SOCK_RAW
|
||||||
packets are passed to and from the device driver without any changes in
|
packets are passed to and from the device driver without any changes in
|
||||||
|
|
Loading…
Reference in New Issue