LDP
/
man-pages
mirror of https://github.com/mkerrisk/man-pages
0
1
Fork 0
Code Releases Activity
18,843 Commits 1 Branch 197 Tags 93 MiB
Commit Graph

18843 Commits

Author SHA1 Message Date
Michael Kerrisk 0f4727addb sigaltstack.2: tfix 
Reported-by: Elie Roudninski <xademax@gmail.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2017-12-18 17:09:46 +01:00
Michael Kerrisk b8cee784b3 capabilities.7: Clarify effect of CAP_SETFCAP 
Make it clear that CAP_SETFCAP allows setting arbitrary
capabilities on a file.

Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2017-12-16 00:09:25 +01:00
Michael Kerrisk 6386c0c862 errno.3: Add Linux error text corresponding to ENOMEM 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2017-12-16 00:09:16 +01:00
Stefan Hajnoczi ba294a0ee6 vsock.7: Clarify send(2)/recv(2) families of system calls 
Sockets support both read(2)/write(2) and send(2)/recv(2) system
calls.  Each of these is actually a family of multiple system
calls such as send(2), sendfile(2), sendmsg(2), sendmmsg(2), and
sendto(2).

This patch claries which families of system calls can be used.

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2017-12-12 19:12:07 +01:00
Michael Kerrisk 0d757f49e2 s390_sthyi.2: Give an argument a more meaningful name ('buffer' --> 'resp_buffer') 
Reviewed-by: QingFeng Hao <haoqf@linux.vnet.ibm.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2017-12-12 07:33:08 +01:00
Michael Kerrisk 308a16d989 vsock.7: Place SEE ALSO and ERRORS in alphabetical order 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2017-12-11 20:30:38 +01:00
Michael Kerrisk 2472922151 vsock.7: Minor fixes 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2017-12-11 20:30:37 +01:00
Michael Kerrisk 4a70bb07bc vsock.7: srcfix: rewrap source lines 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2017-12-11 20:19:03 +01:00
Stefan Hajnoczi 29598b2f2d vsock.7: Document the VSOCK socket address family 
The AF_VSOCK address family has been available since Linux 3.9.

This patch adds vsock.7 and describes its use along the same lines as
existing ip.7, unix.7, and netlink.7 man pages.

CC: Jorgen Hansen <jhansen@vmware.com>
CC: Dexuan Cui <decui@microsoft.com>
Reviewed-by: Jorgen Hansen <jhansen@vmware.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2017-12-11 20:11:12 +01:00
Michael Kerrisk 4f684d1d8e s390_sthyi.2: Move reference to external documentation to NOTES 
CONFORMING TO is not the right place for this information.

Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2017-12-11 19:56:14 +01:00
Michael Kerrisk 763235c5e1 s390_sthyi.2: Place error list in alphabetical order 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2017-12-11 19:54:11 +01:00
Michael Kerrisk 9224781fd0 s390_sthyi.2: Minor wording fix-ups 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2017-12-11 19:54:11 +01:00
Michael Kerrisk 0966592e9f s390_sthyi.2: ffix: allow breaks inside long URL 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2017-12-11 19:46:04 +01:00
Michael Kerrisk a6ae634437 s390_sthyi.2: Srcfix: rewrap source lines 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2017-12-11 19:46:04 +01:00
Michael Kerrisk ba6f9c34af s390_sthyi.2: Minor tweaks 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2017-12-11 19:41:49 +01:00
Michael Kerrisk 5057157b07 s390_sthyi.2: Minor fixes 
Reported-by: Stefan Raspl <raspl@linux.vnet.ibm.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2017-12-11 19:05:18 +01:00
Michael Kerrisk ef741e2a72 syscalls.2: Add s390-specific s390_sthyi(2) to syscall list 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2017-12-11 18:47:19 +01:00
QingFeng Hao c336d6e0fb s390_sthyi.2: New page for s390-specific s390_sthyi(2) 
Signed-off-by: QingFeng Hao <haoqf@linux.vnet.ibm.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2017-12-11 18:46:09 +01:00
Michael Kerrisk 46010ab917 socket.7: tfix 
Reported-by: Joel Williamson <jwilliamson@carnegietechnologies.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2017-12-11 18:40:14 +01:00
Michael Kerrisk cfd7fdf5ed Changes.old: tfix 
Reported-by: Jakub Wilk <jwilk@jwilk.net>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2017-12-11 18:34:58 +01:00
Michael Kerrisk ec9612a19f network_namespaces.7: Minor adjustments to list of resources governed by network namespaces 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2017-12-10 23:19:17 +01:00
Michael Kerrisk 5d9b8ae9b9 sysfs.5: tfix 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2017-12-10 23:19:17 +01:00
Michael Kerrisk f9ecf99e59 network_namespaces.7: When a NW namespace is freed, veth devices are destroyed 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2017-12-10 23:19:17 +01:00
Michael Kerrisk f051ce24ac network_namespaces.7: Reorganize text 
No content changes...

Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2017-12-10 23:19:17 +01:00
Michael Kerrisk 2685b303e3 namespaces.7, network_namespaces.7: Move content from namespaces(7) to network_namespaces(7) 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2017-12-10 23:19:17 +01:00
Michael Kerrisk 9f7ce0c2e8 network_namespaces.7: New page describing network namespaces 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2017-12-10 23:19:17 +01:00
Michael Kerrisk c4851a982b veth.4: Add network_namespaces(7) 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2017-12-10 23:19:17 +01:00
Michael Kerrisk 4bf43ba523 pid_namespaces.7: SEE ALSO: add mount_namespaces(7) 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2017-12-08 10:13:42 +01:00
Michael Kerrisk 54b9d7bf87 user_namespaces.7: tfix 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2017-12-06 15:05:15 +01:00
Michael Kerrisk e62172cbd9 capabilities.7: Rephrase CAP_SETPCAP description 
* Mention kernel versions.
* Place current kernel behavior first

Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2017-12-05 22:27:27 +01:00
G. Branden Robinson 777411ae61 iconv.1, pthread_rwlockattr_setkind_np.3, man-pages.7, socket.7, iconvconfig.8: Standardize on "nonzero" 
Also add this term to the style guide in man-pages(7).

Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2017-12-05 22:27:13 +01:00
John Hubbard ffa518803e mmap.2: MAP_FIXED is no longer discouraged 
MAP_FIXED has been widely used for a very long time, yet the man
page still claims that "the use of this option is discouraged".

The documentation assumes that "less portable" == "must be discouraged".

Instead of discouraging something that is so useful and widely used,
change the documentation to explain its limitations better.

Signed-off-by: John Hubbard <jhubbard@nvidia.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2017-12-05 22:27:08 +01:00
roblabla 0f24751222 pthread_mutexattr_init.3: wfix 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2017-12-05 22:27:06 +01:00
Michael Kerrisk e93e59f97b capabilities.7: SECBIT_KEEP_CAPS is ignored if SECBIT_NO_SETUID_FIXUP is set 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2017-12-03 11:16:32 +01:00
Michael Kerrisk e43d2a6013 capabilities.7: wfix 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2017-12-03 11:16:32 +01:00
Michael Kerrisk 02ff4f27c2 capabilities.7: Note which capability sets are affected by SECBIT_NO_SETUID_FIXUP 
Note explicitly that SECBIT_NO_SETUID_FIXUP is relevant for
the permitted, effective, and ambient capability sets.

Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2017-12-03 11:16:19 +01:00
Michael Kerrisk ae16c99d97 prctl.2: wfix 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2017-12-02 16:23:00 +01:00
Michael Kerrisk 7c8eb8f7cf capabilities.7: Deemphasize the ancient prctl(2) PR_SET_KEEPCAPS command 
The modern approach is SECBITS_KEEP_CAPS.

Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2017-12-02 16:21:37 +01:00
Michael Kerrisk f7dbc40ee7 capabilities.7: Minor wording fix 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2017-12-02 16:21:37 +01:00
Michael Kerrisk 0336144833 prctl.2: Defer to capabilities(7) for discussion of the "keep capabilities" flag 
It makes no sense to describe this flag in two different
manual pages, so consolidate the description to one page.
Furthermore, the following statement that was in the prctl(2)
page is not correct:

    A thread's effective capability set is always cleared
    when such a credential change is made, regardless of
    the setting of the "keep capabilities" flag.

The effective set is not cleared if, for example, the
credential sets were [ruid != 0, euid != 0, suid == 0]
and suid is switched to zero while the "keep capabilities"
flag is set.

Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2017-12-02 16:21:13 +01:00
Michael Kerrisk 705a8f33f1 capabilities.7: wfix 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2017-12-02 15:43:02 +01:00
Michael Kerrisk bbb186d403 capabilities.7: Clarify which capability sets are effected by SECBIT_KEEP_CAPS 
This flag has relevance only for the process permitted and
effective sets.

Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2017-12-02 15:40:39 +01:00
Michael Kerrisk e67ac266c8 capabilities.7: wfix 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2017-12-02 15:08:52 +01:00
Michael Kerrisk f6b60423bd capabilities.7: Ambient set is also cleared when UIDs are set to nonzero value 
See cap_emulate_setxuid():

        kuid_t root_uid = make_kuid(old->user_ns, 0);

        if ((uid_eq(old->uid, root_uid) ||
             uid_eq(old->euid, root_uid) ||
             uid_eq(old->suid, root_uid)) &&
            (!uid_eq(new->uid, root_uid) &&
             !uid_eq(new->euid, root_uid) &&
             !uid_eq(new->suid, root_uid))) {
                if (!issecure(SECURE_KEEP_CAPS)) {
                        cap_clear(new->cap_permitted);
                        cap_clear(new->cap_effective);
                }

                /*
                 * Pre-ambient programs expect setresuid to nonroot followed
                 * by exec to drop capabilities.  We should make sure that
                 * this remains the case.
                 */
                cap_clear(new->cap_ambient);
        }

Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2017-12-02 11:08:40 +01:00
Michael Kerrisk 8e821c3aa8 user_namespaces.7: Mention NS_GET_OWNER_UID ioctl() operation 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2017-12-02 09:22:40 +01:00
Michael Kerrisk a563b19b70 capabilities.7: wfix 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2017-12-02 09:12:07 +01:00
Michael Kerrisk 6dfb150c9f seccomp.2: wfix 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2017-12-01 22:03:20 +01:00
Michael Kerrisk b94c5c5a5b seccomp.2: Clarify that SECCOMP_RET_TRAP SIGSYS signal is thread-directed 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2017-12-01 22:02:43 +01:00
Michael Kerrisk 3411d30b10 memfd_create.2: glibc support for memfd_create() was added in version 2.27 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2017-11-30 18:59:48 +01:00
Michael Kerrisk 39874d761d mlock.2: glibc support for mlock2() is added in version 2.27 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2017-11-30 18:58:53 +01:00