Michael Kerrisk
6fe8bb88e4
pthreads.7: SEE ALSO: add fork(2)
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-02-21 08:32:13 +01:00
Michael Kerrisk
7e3aca25bc
capabilities.7: Mention SECBIT_KEEP_CAPS as an alternative to prctl() PR_SET_KEEPCAPS
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-02-21 08:32:11 +01:00
Michael Kerrisk
f794d5274f
capabilities.7: srcfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-02-21 08:32:11 +01:00
Michael Kerrisk
6016943675
capabilities.7: Minor tweaks
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-02-21 08:32:11 +01:00
Chris Mayo
16512b57bc
capabilities.7: NOTES: add last kernel versions for obsolete options
...
The CONFIG_SECURITY_CAPABILITIES option was removed by
commit 5915eb53861c5776cfec33ca4fcc1fd20d66dd27
The CONFIG_SECURITY_FILE_CAPABILITIES option removed in
Linux 2.6.33 as already mentioned in DESCRIPTION.
Signed-off-by: Chris Mayo <aklhfex@gmail.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-02-21 08:32:11 +01:00
Michael Kerrisk
11af2d4b98
socket.7: Add some details for SO_REUSEPORT
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-02-21 08:32:11 +01:00
Michael Kerrisk
c28f1dd3ec
socket.7: Minor fixes
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-02-21 08:32:11 +01:00
David Wilson
75979920fe
socket.7: Document SO_REUSEPORT socket option
...
Signed-off-by: David Wilson <dw@botanicus.net>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-02-21 08:32:11 +01:00
Jan Chaloupka
170e5f0d95
unix.7: Mention SOCK_STREAM socket for ioctl_type of ioctl()
...
from https://bugzilla.redhat.com/show_bug.cgi?id=1110401 .
unix.7 is not clear about socket type of ioctl_type argument of
ioctl() function. The description of SIOCINQ is applicable only
for SOCK_STREAM socket. For SOCK_DGRAM, udp(7) man page gives
correct description of SIOCINQ
Signed-off-by: Jan Chaloupka <jchaloup@redhat.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-02-21 07:58:28 +01:00
Michael Kerrisk
4b139190f9
signal.7: srcfix: note commit hash for futex() restart behavior change
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-02-21 07:58:27 +01:00
Michael Kerrisk
9dc53e71c2
kexec_load.2, personality.2, prctl.2, reboot.2, socket.2, fflush.3, getopt.3, random.3, termios.3, random.4, passwd.5, capabilities.7, signal.7: tstamp
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-02-01 17:14:12 +01:00
Michael Kerrisk
1d2bf1840c
capabilities.7: SEE ALSO: add setpriv(1)
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-02-01 09:32:37 +01:00
Michael Kerrisk
3168ff2db7
signal.7: Add getrandom(2) to list of restartable system calls
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-29 09:03:32 +01:00
Michael Kerrisk
6f0dcebc96
signal.7: Add F_OFD_SETLKW to list of restartable operations
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-29 08:51:21 +01:00
Michael Kerrisk
aaf4c2a200
tcp.7: wfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-28 11:02:22 +01:00
Michael Kerrisk
fb4df4fe68
tcp.7: tfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-28 11:01:18 +01:00
Michael Kerrisk
2a479ee403
socket.7: wfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-28 10:59:44 +01:00
Michael Kerrisk
d1a2a5de7a
pthreads.7: wfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-28 10:58:20 +01:00
Michael Kerrisk
9783cf267f
pipe.7: wfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-28 10:41:42 +01:00
Michael Kerrisk
aea4d7b4f5
namespaces.7: wfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-28 10:39:58 +01:00
Michael Kerrisk
043649cd45
ipv6.7: wfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-28 10:38:37 +01:00
Michael Kerrisk
8e798ccee2
epoll.7: wfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-28 10:37:06 +01:00
Michael Kerrisk
e0a06014c4
bootparam.7: wfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-28 10:35:16 +01:00
Michael Kerrisk
c17d5bac2e
pthreads.7: tfix
...
Reported-by: Michael Hayes <mike@aiinc.ca>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-16 08:26:49 +01:00
Michael Kerrisk
f5ac5bbfd4
capabilities.7: Minor improvement of detail
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-16 08:15:05 +01:00
Michael Kerrisk
a2d5944156
capabilities.7: tfix
...
Reported-by: Christian Seiler <christian@iwakd.de>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-16 08:13:29 +01:00
Michael Kerrisk
1c3c805bcd
user_namespaces.7: tfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-16 07:54:02 +01:00
Akihiro Motoki
e4010a258a
pid_namespaces.7: wfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-16 07:54:02 +01:00
Michael Kerrisk
1ac80024c9
perf_event_open.2, seccomp.2, setns.2, shmget.2, memchr.3, pthread_tryjoin_np.3, strstr.3, random.4, epoll.7, netlink.7, pid_namespaces.7, tcp.7: tstamp
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-10 16:05:01 +01:00
Troy Davis
15b236f3ac
tcp.7: Clarify tcp_tw_recycle on Internet-facing hosts
...
Clarify that tcp_tw_recycle will break communication with many
general-purpose remote Internet hosts (namely, remote NAT devices)
even when the Linux device itself is not behind NAT.
Sources:
- BCP to make NAT implementors aware of this problem (2013):
https://tools.ietf.org/html/draft-penno-behave-rfc4787-5382-5508-bis-04#section-3.1.2
- RFC 1323 (PAWS)
- RFC 6191: Reducing the TIME-WAIT State Using TCP Timestamps
- The many users who unknowingly enabled this option on devices
communicating with the general-purpose Internet:
https://www.google.com/search?q=tcp_tw_recycle%20ip%20nat%20timestamp
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-07 08:47:37 +01:00
Michael Kerrisk
bbb4532b69
netlink.7: Add kernel version for NETLINK_CRYPTO
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-07 08:41:08 +01:00
Stephan Mueller
7b42933250
netlink.7: Add NETLINK_CRYPTO
...
Signed-off-by: Stephan Mueller <stephan.mueller@atsec.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-07 08:35:40 +01:00
Michael Kerrisk
7d26f7d449
epoll.7: Clarify a comment in example code
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-06 15:36:22 +01:00
Michael Kerrisk
a3e65c937b
epoll.7: Use epoll_create1() rather than epoll_create() in the code example
...
epoll_create1() is more or less the preferred API for new
applications, since it allows for some flags and avoids the
misdesigned epoll_create() argument, and so it seems sensible
to use that in the example, rather than epoll_create().
Reported-by: Ignat Loskutov <ignat.loskutov@gmail.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-06 15:36:10 +01:00
Michael Kerrisk
fe37675283
pid_namespaces.7: wfix + tfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-06 15:26:02 +01:00
Mike Frysinger
ba7d7ed976
setns.2, pid_namespaces.7: Elaborate discussion of the PID namespace descendant limitation
...
The setns(2) man page already mentions that CLONE_NEWPID may only
be used with descendant namespaces, but this nuance could be
listed in a few more places so it is not missed.
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-06 15:25:56 +01:00
Michael Kerrisk
360d311681
Removed trailing white space at end of lines
2014-12-31 07:46:42 +01:00
Michael Kerrisk
0649afd45a
localedef.1, adjtimex.2, clock_nanosleep.2, epoll_ctl.2, ioctl.2, madvise.2, open.2, posix_fadvise.2, prctl.2, restart_syscall.2, sched_setaffinity.2, select.2, semop.2, setsid.2, sgetmask.2, sigaction.2, sigreturn.2, splice.2, syscall.2, syscalls.2, tee.2, tkill.2, abort.3, cmsg.3, exp10.3, ftw.3, getopt.3, ilogb.3, memcmp.3, mq_open.3, pow.3, pthread_setschedparam.3, sigvec.3, sysconf.3, termios.3, tgamma.3, wordexp.3, locale.5, proc.5, resolv.conf.5, cp1251.7, credentials.7, fanotify.7, inotify.7, locale.7, man-pages.7, signal.7, unix.7, ld.so.8: tstamp
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-12-31 07:01:38 +01:00
Mike Frysinger
dba9ebf2b4
user_namespaces(7): tfix
...
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-12-30 22:15:28 +01:00
Michael Kerrisk
891ba05667
signal.7: Fix SO_RECVTIMEO/ SO_SENDTIMEO confusion in text
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-12-30 16:05:03 +01:00
Michael Kerrisk
d13bc9426e
signal.7: ffix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-12-30 16:05:03 +01:00
Michael Kerrisk
b69167e19e
signal.7: inotify(7) reads no longer show the odd EINTR error after SIGCONT
...
Since kernel 3.7, reads from inotify(7) file descriptors no longer
show the (Linux oddity) behavior of failing with EINTR when the
process resumes after a stop signal + SIGCONT.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-12-30 16:05:03 +01:00
Michael Kerrisk
b2d757fa4c
signal.7: Since Linux 3.8, reads on inotify(7) file descriptors are restartable
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-12-30 16:05:02 +01:00
Michael Kerrisk
53eea2dbae
signal.7: Mention other "slow devices"
...
Reads from eventfd(2), signalfd(2), timerfd(2), inotify(7),
and fanotify(7) file descriptors are also slow operations
that are restartable.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-12-30 16:05:02 +01:00
Michael Kerrisk
d45832f6ed
signal.7: SEE ALSO: add sigreturn(2)
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-12-30 16:05:02 +01:00
Michael Kerrisk
aeb666ce12
man-pages.7: Clarify that SEE ALSO entries may refer to pages from other projects
...
Reported-by: Laurent Georget <laurent.georget@supelec.fr>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-12-29 14:32:29 +01:00
Michael Kerrisk
d2d136f7e1
man-pages.7: wfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-12-29 12:06:13 +01:00
Richard Weinberger
208c82ce19
pid_namespaces.7: tfix
...
s/PR_GET_CHILD_SUBREAPER/PR_SET_CHILD_SUBREAPER
Signed-off-by: Richard Weinberger <richard@nod.at>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-12-05 06:09:36 +01:00
Tobias Werth
4fe88cafea
ascii.7: tfix
...
The ' in the compact tables were not escaped correctly resulting in
UTF-8 in the ASCII table.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-12-05 06:09:36 +01:00
Michael Kerrisk
e7e006f279
getdents.2, capabilities.7, symlink.7: tfix: Change 'i-node' to 'inode'
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-11-12 22:32:40 +01:00
Mike Frysinger
445d38c9b5
user_namespaces(7): tfix: drop spurious underline
...
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-11-11 06:39:06 +01:00
Heinrich Schuchardt
943c52b7bb
fanotify.7: Allow relative paths in example
...
The current example code requires passing an absolute
path to the mount to be watched.
By passing AT_FDCWD to fanotify_mark it can use both
absolute and relative paths.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-11-11 06:38:27 +01:00
Heinrich Schuchardt
8e38f6d391
fanotify.7: wfix
...
Removed duplicate "using".
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-11-11 06:36:36 +01:00
Michael Kerrisk
3e35b19b10
unix.7: Fix buglet in code snippet in BUGS section
...
Reported-by: Scott Harvey <scott.harvey@stonybrook.edu>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-11-09 21:15:56 +01:00
Mike Frysinger
f7611a00f6
namespaces(7): minor tweaks
...
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-11-08 14:27:47 +01:00
Michael Kerrisk
464b254bb8
unix.7: grfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-11-08 06:13:13 +01:00
Michael Kerrisk
1bcb7fdbb0
standards.7: tfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-31 07:25:54 +01:00
Josh Triplett
fadd2e6538
credentials.7: Cross-reference getgroups(2)
...
Since credentials.7 discusses supplementary GIDs, it should reference
getgroups(2).
Signed-off-by: Josh Triplett <josh@joshtriplett.org>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-28 15:26:24 +01:00
Michael Kerrisk
476cab32c2
locale.7: Minor tweaks to Marko Myllynen's patch
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-28 15:11:44 +01:00
Marko Myllynen
c5466970d7
locale.7: Improve LOCPATH description
...
LOCPATH is ignored by privileged programs.
Add locale archive references.
Add FILES section.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-28 15:06:42 +01:00
Mike Frysinger
891121f60e
pid_namespaces(7): Minor grammar tweaks
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-28 14:15:27 +01:00
Michael Kerrisk
c5a000246c
fanotify.7: Tweaks to Heinrich Schuchard's patch on mount paths
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-28 12:59:24 +01:00
Heinrich Schuchardt
a4b394f246
fanotify.7: fanotify notifies only events generated on the same mount
...
Unfortunately, fanotify does not inform listeners for all paths
under which a touched filesystem object is visible, but only the
listener using the same path as the process touching the
filesystem object.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-28 12:59:24 +01:00
Heinrich Schuchardt
e75c6d07ff
inotify.7: fallocate(2) does not trigger inotify events
...
Calling fallocate(2) does not result in inotify events.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-28 12:59:24 +01:00
Heinrich Schuchardt
9ee7cc4faa
fanotify.7: fallocate(2) creates no events
...
fallocate(2) should create FAN_MODIFY events but does not.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-28 12:59:24 +01:00
Heinrich Schuchardt
d5b26a6978
fanotify.7: Update BUGS to note bugs still not fixed in 3.17
...
I bumped the Linux version number in the BUGS section to 3.17.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-28 12:59:24 +01:00
Michael Kerrisk
83033cd33c
cp1251.7, cp1252.7: Remove space from page name in .TH line
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-16 11:46:43 +02:00
Michael Kerrisk
ceffedf46c
cp1252.7: tstamp
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-16 11:37:24 +02:00
Michael Kerrisk
b8017cf527
Removed trailing white space at end of lines
2014-10-15 11:17:46 +02:00
Michael Kerrisk
ad624ff433
readlink.2, readv.2, pthread_rwlockattr_setkind_np.3, signal.7, unix.7: tstamp
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-15 11:13:45 +02:00
Michael Kerrisk
d02879f70a
unix.7: Various additions and rewordings
...
Notable changes:
* Clarify some details for pathname sockets.
* Add some advice on portably coding with pathname sockets.
* Note the "buggy" behavior for pathname sockets when
the supplied pathname is 108 bytes (after a report by
Tetsuo Handa).
Commented-by: Carlos O'Donell <carlos@systemhalted.org>
Commented-by: David Miller <davem@davemloft.net>
Reported-by: Tetsuo Handa <penguin-kernel@i-love.sakura.ne.jp>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-14 06:56:49 +02:00
Michael Kerrisk
1e24b9333e
socket.7: srcfix: Add FIXME
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-10 06:48:29 +02:00
Michael Kerrisk
d53ad479cc
signal.7: pthread_mutex_lock() and pthread_cond_wait() are restartable
...
pthread_mutex_lock(, pthread_cond_wait(), and related APIs are
automatically restarted if interrupted by a signal handler.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-08 11:52:45 +02:00
Michael Kerrisk
e890609356
capget.2, ptrace.2, vhangup.2, wait.2, ttyslot.3, console.4, proc.5, utmp.5, boot.7: tfix: page xrefs for init
2014-10-03 08:47:03 +02:00
Michael Kerrisk
6f9e0e572e
Removed trailing white space at end of lines
2014-10-03 00:01:00 +02:00
Michael Kerrisk
bc65e77236
ldd.1, execve.2, fanotify_init.2, fanotify_mark.2, getrlimit.2, open.2, readlink.2, sched_setattr.2, sched_setscheduler.2, shmget.2, syscalls.2, vmsplice.2, dlopen.3, fseeko.3, getgrent.3, mq_getattr.3, mq_open.3, realpath.3, armscii-8.7, ascii.7, iso_8859-1.7, iso_8859-10.7, iso_8859-11.7, iso_8859-13.7, iso_8859-14.7, iso_8859-15.7, iso_8859-16.7, iso_8859-2.7, iso_8859-3.7, iso_8859-4.7, iso_8859-5.7, iso_8859-6.7, iso_8859-7.7, iso_8859-8.7, iso_8859-9.7, koi8-r.7, koi8-u.7, sched.7, ld.so.8: tstamp
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-02 23:47:51 +02:00
Michael Kerrisk
fcd9822749
mq_overview.7: Various fixes after review from Davidlohr Bueso
...
Reviewed-by: Davidlohr Bueso <dave@stgolabs.net>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-02 23:10:40 +02:00
Michael Kerrisk
94d6f75f52
mq_overview.7: ffix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-02 22:18:10 +02:00
Michael Kerrisk
b130fda82b
mq_overview.7: ffix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-02 22:18:10 +02:00
Michael Kerrisk
1052e1fbcc
mq_overview.7: Update queues_max details for Linux 3.14
...
And in general rework the text a little.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-02 22:18:10 +02:00
Michael Kerrisk
82f92a9e7c
mq_overview.7: Rework discussion of HARD_MSGMAX
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-02 22:18:10 +02:00
Michael Kerrisk
3b3d3564aa
mq_overview.7: Minor wording fix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-02 22:18:10 +02:00
Michael Kerrisk
247d9cfdcf
mq_overview.7: Document /proc/sys/fs/mqueue/msgsize_default
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-02 22:18:10 +02:00
Michael Kerrisk
8ebedd6c29
mq_overview.7: Document /proc/sys/fs/mqueue/msg_default
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-02 22:18:10 +02:00
Michael Kerrisk
40502a2842
mq_overview.7: Update details for 'queues_max' limit
...
Things changed in Linux 3.5.
See https://bugs.launchpad.net/bugs/1155695
Reported-by: Arto Bendiken <arto@bendiken.net>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-02 22:18:09 +02:00
Michael Kerrisk
81020547cb
mq_overview.7: Update details on defaults and ceiling for 'msgsize_max' limit
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-02 22:18:09 +02:00
Michael Kerrisk
2d5cee6b4e
mq_overview.7: Update discussion of HARD_MSGMAX
...
The limit has changed in 2.6.33 and then again in 3.5.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-02 22:18:09 +02:00
Michael Kerrisk
8ef5d0c5ce
mq_overview.7: wfix: s/HARD_MAX/HARD_MSGMAX/
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-02 22:18:09 +02:00
Michael Kerrisk
5bd24c3688
mq_overview.7: wfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-02 22:18:09 +02:00
Marko Myllynen
423cb2f914
iso_8859-1.7: Remove obsolete reference
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-01 13:38:32 +02:00
Marko Myllynen
94b2c093a4
cp1252.7: Fix broken encodings
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-01 13:38:32 +02:00
Marko Myllynen
ded04e5995
iso_8859-16.7: Charset pages unification, minor cleanups
...
- adjust references
- remove stray comments, streamline description
(charsets(7) and Wikipedia provide more detailed
and up-to-date description)
- cosmetics
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-01 12:04:20 +02:00
Marko Myllynen
edc0328b14
iso_8859-15.7: Charset pages unification, minor cleanups
...
- adjust references
- remove stray comments, streamline description
(charsets(7) and Wikipedia provide more detailed
and up-to-date description)
- cosmetics
2014-10-01 12:04:20 +02:00
Marko Myllynen
3e35f5885a
iso_8859-14.7: Charset pages unification, minor cleanups
...
- adjust references
- remove stray comments
- cosmetics
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-01 12:04:20 +02:00
Marko Myllynen
62d13a89c1
iso_8859-13.7: Charset pages unification, minor cleanups
...
- adjust references
- remove stray comments
- cosmetics
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-01 12:04:20 +02:00
Marko Myllynen
0ca0440214
iso_8859-11.7: Charset pages unification, minor cleanups
...
- adjust references
- remove stray comments
- cosmetics
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-01 12:04:20 +02:00
Marko Myllynen
398449e4e1
iso_8859-10.7: Charset pages unification, minor cleanups
...
- adjust references
- remove stray comments
- cosmetics
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-01 12:04:20 +02:00
Marko Myllynen
3f145ff8fc
iso_8859-9.7: Charset pages unification, minor cleanups
...
- adjust references
- remove stray comments
- cosmetics
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-01 12:04:20 +02:00
Michael Kerrisk
f53c5bdcc3
iso_8859-8.7: wfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-01 12:04:20 +02:00
Marko Myllynen
390fcba268
iso_8859-8.7: Charset pages unification, minor cleanups
...
- adjust references
- remove stray comments
- cosmetics
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-01 12:04:20 +02:00
Marko Myllynen
0773f72dd1
iso_8859-7.7: Charset pages unification, minor cleanups
...
- adjust references
- remove stray comments
- cosmetics
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-01 12:04:20 +02:00
Marko Myllynen
dd7a03e293
iso_8859-6.7: Charset pages unification, minor cleanups
...
- adjust references
- remove stray comments
- cosmetics
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-01 12:04:20 +02:00
Marko Myllynen
7b9b9bc8e7
iso_8859-5.7: Charset pages unification, minor cleanups
...
- adjust references
- remove stray comments
- cosmetics
2014-10-01 12:04:20 +02:00
Marko Myllynen
99a7634b9f
iso_8859-4.7: Charset pages unification, minor cleanups
...
- adjust references
- remove stray comments
- cosmetics
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-01 12:04:20 +02:00
Marko Myllynen
117b0331af
iso_8859-3.7: Charset pages unification, minor cleanups
...
- adjust references
- remove stray comments
- cosmetics
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-01 12:04:20 +02:00
Marko Myllynen
6b006d3814
iso_8859-2.7: Charset pages unification, minor cleanups
...
- adjust references
- remove stray comments, streamline description
(charsets(7) and Wikipedia provide more detailed
and up-to-date description)
- cosmetics
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-01 12:04:20 +02:00
Marko Myllynen
963ae1794d
iso_8859-1.7: Charset pages unification, minor cleanups
...
- adjust references
- remove stray comments, streamline description
(charsets(7) and Wikipedia provide more detailed
and up-to-date description)
- cosmetics
2014-10-01 12:04:20 +02:00
Marko Myllynen
5661f357d0
koi8-u.7: Charset pages unification, minor cleanups
...
- adjust references
- remove stray comments, streamline description
(charsets(7) and Wikipedia provide more detailed
and up-to-date description)
- list differences between koi8-r.7 vs koi8-u.7
- cosmetics
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-01 12:04:20 +02:00
Marko Myllynen
0ccc2026da
koi8-r.7: Charset pages unification, minor cleanups
...
- adjust references
- remove stray comments, streamline description
(charsets(7) and Wikipedia provide more detailed
and up-to-date description)
- list differences between koi8-r.7 vs koi8-u.7
- cosmetics
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-01 12:04:20 +02:00
Marko Myllynen
f916b177e3
cp1251.7: Charset pages unification, minor cleanups
...
- adjust references
- remove stray comments
- cosmetics
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-01 12:04:20 +02:00
Marko Myllynen
c5f415c63c
armscii-8.7: Charset pages unification, minor cleanups
...
- adjust references
- remove stray comments
- cosmetics
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-01 12:04:20 +02:00
Marko Myllynen
5ef5222a35
ascii.7: Charset pages unification, minor cleanups
...
This and the follow-up patches will provide unification of
charset pages, minor cleanups, and some unifying cosmetic
changes. References are adjusted so that all pages include
a reference to charsets(7), which contains a description of
these sets, stray comments are removed, some obsolete
statements (like ISO 8859-1 being the de-facto ASCII
replacement) are removed, and some minor reformatting
to minimize diff's between the pages are done.
The actual substance, the character tables, remain unchanged.
This series changes the following pages (under man7): ascii,
armscii, cp1251, koi8-r, koi8-u, and all of iso_8859-*.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-01 12:04:20 +02:00
Marko Myllynen
eee7bea60e
cp1252.7: New page documenting CP 1252
...
CP 1252 is probably one of the most used Windows Code Pages so
let's add a page for it alongside with the already provided
CP 1251 page.
Table generated from /usr/share/i18n/charmaps/CP1252.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-01 12:04:20 +02:00
Wieland Hoffmann
b23c9a79d9
namespaces.7: tfix: CLONE_IPC -> CLONE_NEWIPC
...
CLONE_NEWIPC is the correct constant, as can be seen in the detailed
list of namespaces & their corresponding constants, as well as the
clone(2) man page and include/uapi/linux/sched.h in the Linux source tree.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-23 04:23:11 +02:00
Michael Kerrisk
f19db8531d
sched.7: SEE ALSO: add taskset(1)
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-21 19:51:48 +02:00
Michael Kerrisk
f5d401ddda
Removed trailing white space at end of lines
2014-09-21 11:24:24 +02:00
Michael Kerrisk
daf084cc33
clone.2, flock.2, getpid.2, getunwind.2, mount.2, reboot.2, semop.2, seteuid.2, setgid.2, setns.2, setresuid.2, setreuid.2, setuid.2, uname.2, unshare.2, clock.3, drand48.3, proc.5, capabilities.7, credentials.7, mq_overview.7, namespaces.7, pid_namespaces.7, svipc.7, user_namespaces.7: tstamp
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-21 11:23:07 +02:00
Michael Kerrisk
c228b4b4d1
namespaces.7, pid_namespaces.7, user_namespaces.7: srcfix: Add LICENSE_START tag
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-16 09:05:40 +02:00
Michael Kerrisk
fd0a5c693d
namespaces.7: tfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-15 10:39:50 +02:00
Michael Kerrisk
1a1d8762eb
pid_namespaces.7: ffix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-15 10:36:50 +02:00
Michael Kerrisk
09fcbb82f1
user_namespaces.7: spfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-14 21:29:47 -07:00
Michael Kerrisk
672e7505d6
user_namespaces.7: wfix
...
Reported-by: Eric W. Biederman <ebiederm@xmission.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-14 21:29:47 -07:00
Eric W. Biederman
890a86d330
user_namespaces.7: Clarify the meaning of "Mounts that come as a single unit"
...
Quoting Eric Biederman:
The importance of [mounts coming across as a dingle unit] is [to]
allow the global root to mount over things and not have to worry
that someone from a user namespace root can peek underneath.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-14 21:29:47 -07:00
Michael Kerrisk
576233f00e
user_namespaces.7: Additions from Andy Lutomirski
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-14 21:29:47 -07:00
Michael Kerrisk
6cfec3d80a
user_namespaces.7: Improvements from Andy Lutomirski
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-14 21:29:42 -07:00
Eric W. Biederman
b10c74ff25
user_namespaces.7: Add "Restrictions on mount namespaces" section
...
Light edits by mtk
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:03 -07:00
Michael Kerrisk
7aba437aa1
user_namespaces.7: Only single-threaded processes can join another user namespace
...
Reported-by: Eric W. Biederman <ebiederm@xmission.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:03 -07:00
Michael Kerrisk
258e6b6c7a
namespaces.7: wfix
...
Reported-by: Vitaly Rybnikov <frodox@zoho.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:03 -07:00
Serge E. Hallyn
1191a90d12
user_namespaces.7: Improve discussion of handling of capabilities during execve(2)
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:03 -07:00
Michael Kerrisk
11d8ef176b
user_namespaces.7: srcfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:03 -07:00
Michael Kerrisk
0b497138b9
namespaces.7: Add table of namespaces to top of page
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:03 -07:00
Michael Kerrisk
309abda4a0
namespaces.7: tfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:03 -07:00
Michael Kerrisk
c6d54e1fd6
namespaces.7: tfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:03 -07:00
Michael Kerrisk
beb9df9ed3
namespaces.7: tfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:03 -07:00
Michael Kerrisk
6c21c0f947
user_namespaces.7: Say a little less about execve(2) and user ID mappings
...
The existing discussion under user and group ID mappings
probably suffices.
Reported-by: Eric W. Biederman <ebiederm@xmission.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:03 -07:00
Michael Kerrisk
0ea90cb46d
user_namespaces.7: srcfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:03 -07:00
Michael Kerrisk
99f04bb1e9
user_namespaces.7: Note that user namespaces isolate the root directory
...
Reported-by: Eric W. Biederman <ebiederm@xmission.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:03 -07:00
Michael Kerrisk
c0d02ab07a
user_namespaces.7: XFS support for user namespaces was added in Linux 3.11
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:03 -07:00
Michael Kerrisk
ed8bd8452c
user_namespaces.7: Rework text on filesystem support for user namespaces
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:03 -07:00
Michael Kerrisk
bc92175773
user_namespaces.7: srcfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:03 -07:00
Michael Kerrisk
1005b0062e
user_namespaces.7: Remove a confused sentence
...
Reported-by: Eric W. Biederman <ebiederm@xmission.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:03 -07:00
Michael Kerrisk
e56b6c42d1
user_namespaces.7: Document maximum nesting depth for user namespaces
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:03 -07:00
Michael Kerrisk
8f99aa89d9
user_namespaces.7: Minor tweaks to example program
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:03 -07:00
Michael Kerrisk
ff8531686a
pid_namespaces.7: ffix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:03 -07:00
Michael Kerrisk
ab3311aa06
clone.2, namespaces.7, pid_namespaces.7, user_namespaces.7: wfix "file system" ==> "filesystem"
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:02 -07:00
Michael Kerrisk
f22abd505d
user_namespaces.7: Remove discussion of flags that can't be used with CLONE_NEWUSER
...
That information is better put into individual pages.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:02 -07:00
Michael Kerrisk
714e9a7874
user_namespaces.7: Document restrictions on CLONE_NEWUSER with other CLONE_* flags
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:02 -07:00
Michael Kerrisk
1f1d2a8d2b
mq_overview.7: Refer to namespaces(7) for info on POSIX MQs and IPC namespaces
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:02 -07:00
Michael Kerrisk
19b06c778d
capabilities.7: Refer reader to user_namespaces(7) for a discussion of capabilities
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:02 -07:00
Michael Kerrisk
c3b49118b9
capabilities.7: setns() needs CAP_SYS_ADMIN in the *target* namespace
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:02 -07:00
Michael Kerrisk
f7ee0f5180
pid_namespaces.7: Fix kernel version number for reboot() in pidns discussion
...
Should be 3.4, not 3.9, as per comments from Eric Biederman
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:02 -07:00
Michael Kerrisk
78d6b55b9c
pid_namespaces.7: Refer to reboot(2) for a discussion of reboot() inside a PID namespace
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:02 -07:00
Michael Kerrisk
eb25716ff8
svipc.7: Refer to namespaces(7) for info on System V IPC and IPC namespaces
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:02 -07:00
Michael Kerrisk
f344e055a6
namespaces.7: Document /proc interfaces that are distinct in each IPC namespace
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:02 -07:00
Michael Kerrisk
7d8d64eb14
namespaces.7: Remove repetitious text under network namespaces
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:02 -07:00
Michael Kerrisk
63f66893e5
user_namespaces.7: srcfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:02 -07:00
Michael Kerrisk
c3f29a89b5
user_namespaces.7: Move discussion of availability of user namespaces to NOTES
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:02 -07:00
Michael Kerrisk
b6462f7519
user_namespaces.7: SEE ALSO: add newgidmap(1), newuidmap(1), subgid(5), subuid(5)
...
Pages in the "shadow" package
Reported-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:01 -07:00
Michael Kerrisk
77f9548830
user_namespaces.7: execve(2) will drop capabilities unless the caller's UID maps to 0
...
Reported-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:01 -07:00
Michael Kerrisk
550d1c537c
user_namespaces.7: wfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:01 -07:00
Michael Kerrisk
0ac408439b
user_namespaces.7: Some subsystems don't support user namespaces in some kernel versions
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:01 -07:00
Michael Kerrisk
6b92803065
user_namespaces.7: srcfix: Add FIXME
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:01 -07:00
Michael Kerrisk
3b44624fa4
user_namespaces.7: Minor fixes in various places
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:01 -07:00
Michael Kerrisk
8a87c8b32f
user_namespaces.7: srcfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:01 -07:00
Michael Kerrisk
589e43bb00
user_namespaces.7: tfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:01 -07:00
Michael Kerrisk
d68c5f1184
user_namespaces.7: Clarify some capabilities details
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:01 -07:00
Michael Kerrisk
0666f549da
user_namespaces.7: Note treatment of "securebits" flags
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:01 -07:00
Michael Kerrisk
37909beed2
user_namespaces.7: wfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:01 -07:00
Michael Kerrisk
d916d9d073
user_namespaces.7: Rewrote and reorganized various pieces
...
Mainly the pieces on capabilities, nested namespaces
and namespace membership.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:01 -07:00
Michael Kerrisk
c9195dede4
user_namespaces.7: wfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:01 -07:00
Michael Kerrisk
3a9ff754df
user_namespaces.7: SEE ALSO: remove unshare(1) (which is mentioned in namespaces(7))
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:01 -07:00
Michael Kerrisk
96ec9d12e6
user_namespaces.7: Clarify that the child of clone() gets all privileges in new userns
...
Nothing special happens for the children of unshare(2).
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:01 -07:00
Michael Kerrisk
c94eb4a68d
user_namespaces.7: Add reference to Documentation/namespaces/resource-control.txt
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:01 -07:00
Michael Kerrisk
cf7d22a535
user_namespaces.7: Further reworking of text on nested namespaces and capabilities
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:01 -07:00
Michael Kerrisk
c0098e767d
user_namespaces.7: Relocate text on capabilities of initial process in userns
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:01 -07:00
Michael Kerrisk
20e4a14719
user_namespaces.7: Explain uid_map and gid_map in the initial user namespace
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:01 -07:00
Michael Kerrisk
3e2a37ec85
user_namespaces.7: Add more detail on unmapped UIDs and GIDs exposed to user space
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:01 -07:00
Michael Kerrisk
6eda94413b
user_namespaces.7: Reorganize various pieces of DESCRIPTION
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:01 -07:00
Michael Kerrisk
30f3ddd6dd
user_namespaces.7: Remove duplicated text on EPERM + mapping required in parent userns
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:01 -07:00
Michael Kerrisk
1863e45128
user_namespaces.7: Move a misplaced rule re writing to map files
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:01 -07:00
Eric W. Biederman
98029e6531
pid_namespaces.7: Add much more detail on CLONE_NEWPID + multhreaded processes
...
CLONE_NEWPID doesn't mix with CLONE_THREAD, CLONE_VM,
and CLONE_SIGHAND.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:01 -07:00
Michael Kerrisk
bd23efc759
pid_namespaces.7: Further reworking of text on CLONE_NEWPID and threads
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:01 -07:00
Michael Kerrisk
e0fd534919
pid_namespaces.7: Rework text on threads and CLONE_NEWPID
...
Adapted text from Eric Biederman.
Reported-by: Eric W. Biederman <ebiederm@xmission.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:01 -07:00
Michael Kerrisk
7cd5151990
pid_namespaces.7: SEE ALSO: remove unshare(1) (which is mentioned in namespaces(7))
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:01 -07:00
Michael Kerrisk
81ccc85366
pid_namespaces.7: Mention unshare()+fork() failure case if "init" terminates
...
Reported-by: Eric W. Biederman <ebiederm@xmission.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:01 -07:00
Michael Kerrisk
5597d425e9
pid_namespaces.7: Explain use for readlink() from /proc/self
...
Reported-by: Rob Landley <rob@landley.net>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:01 -07:00
Michael Kerrisk
47832b6dfc
pid_namespaces.7: Clarify text on failure cases with CLONE_VM + multithreaded
...
Reported-by: Rob Landley <rob@landley.net>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:00 -07:00
Michael Kerrisk
837ddeb969
pid_namespaces.7: wfix
...
Reported-by: Rob Landley <rob@landley.net>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:00 -07:00
Michael Kerrisk
36b04745db
pid_namespaces.7: Mention suspend/resume of containers in intro text
...
Reported-by: Rob Landley <rob@landley.net>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:00 -07:00
Michael Kerrisk
cbf542aa98
pid_namespaces.7: tfix
...
Reported-by: Rob Landley <rob@landley.net>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:00 -07:00
Michael Kerrisk
bac6162841
pid_namespaces.7: /proc shows mounts according to PID namespace of mounting process
...
Reported-by: Eric W. Biederman <ebiederm@xmission.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:00 -07:00
Michael Kerrisk
805685dc1b
pid_namespaces.7: Note the shell command used for mount procfs
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:00 -07:00
Michael Kerrisk
ec411de6d5
pid_namespaces.7: Other call sequences fail with multiple threads and CLONE_NEWPID
...
Reported-by: Eric W. Biederman <ebiederm@xmission.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:00 -07:00
Michael Kerrisk
2a4b78e7e2
pid_namespaces.7: Mention PR_SET_CHILD_SUBREAPER in discussion of reparenting to init
...
Reported-by: Vasily Kulikov <segoon@openwall.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:00 -07:00
Michael Kerrisk
fa88d1a483
namespaces.7, pid_namespaces.7: Add pointer to example program in user_namespaces(7)
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:00 -07:00
Michael Kerrisk
8d36d80cc3
user_namespaces.7: Add an example program
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:00 -07:00
Michael Kerrisk
df23ae04d6
user_namespaces.7: Linux 3.9 provides a better implementation of nonoverlapping map checks
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:00 -07:00
Michael Kerrisk
e4f4f2e125
user_namespaces.7: Clarify discussion on privileges of child after clone() by UID 0
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:00 -07:00
Michael Kerrisk
1b3d5347f5
user_namespaces.7: Clarify that rules for writing to map files also apply to gid_map
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:00 -07:00
Michael Kerrisk
0f069d0c69
user_namespaces.7: wfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:00 -07:00
Michael Kerrisk
d45d012859
user_namespaces.7: srcfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:00 -07:00
Michael Kerrisk
54ead6d395
user_namespaces.7: Describe effect of mappings in the context of file-system operations
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:00 -07:00
Michael Kerrisk
4332e54d27
user_namespaces.7: wfix + ffix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:00 -07:00
Michael Kerrisk
674c23884e
user_namespaces.7: Note some interfaces that return overflowuid and overflowgid
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:00 -07:00
Michael Kerrisk
0df0f26dcc
user_namespaces.7: srcfix: remove obsolete FIXME
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:00 -07:00
Michael Kerrisk
27a6ff6ee6
user_namespaces.7: Describe handling of UIDs+GIDs when passed across a UNIX domain socket
...
UIDs and GIDs are mapped to receiver's userns when passed across
a UNIX domain socket
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:00 -07:00
Michael Kerrisk
01ce1ceaa1
pid_namespaces.7: srcfix: Removed FIXME
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:00 -07:00
Michael Kerrisk
5ba153e7ac
user_namespaces.7: The initial process in a userns has no capabilities outside the userns
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:00 -07:00
Michael Kerrisk
d6842bf18d
user_namespaces.7: srcfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:00 -07:00
Michael Kerrisk
627e4074b4
user_namespaces.7: Fix description of inheritance of capabilities across nested namespaces
...
Based on input from Eric Biederman
Calling cap_capable asks: Does the current process have
capability X in userns U.
I see three ways you can have that capability.
1) The current process can be in user namespace U and directly
have capability X.
2) The current process can be in the parent of namespace U and
its euid can be the euid that created user namespace U.
3) You can have be have the capability X in a user namespace
that is an ancestor of U.
Coming from the direction of your manpage text.
With respect to capabilities, the following rules apply to
nested user namespaces.
1. If a process has a capability in a user namespace has that
capability in all descendant user namespaces as well.
2. The user that creates a user namespace while in the parent
namespace has all capabilities in the created namespace
and in all descendent user namespaces.
So having said that part of my problem with your original
text is that it actually switches directions. One one rule
it is looking into the descendent user namespaces, and in the
other rule it is looking at ancestor user namespaces.
So perhaps the text should read:
With respect to capabilities, the following rules are used to
answer the question does a process P have a capability C in a
user namespace U.
1. P has the capability C if P is in user namespace U and
capability C is in process P's capability set.
2. P has the capability C if P is in the parent of user
namespace U and the euid of P is the euid that created user
namespace U.
3. P has the capability C if P has the capability C in some
user namespace V that is an ancestor of U.
Which probably gets a little extra mathematical, but it is
precise.
Reported-by: "Eric W. Biederman" <ebiederm@xmission.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:00 -07:00
Michael Kerrisk
7ae693d017
user_namespaces.7: wfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:00 -07:00
Michael Kerrisk
03611be8d7
user_namespaces.7: Add some references to other pages
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:00 -07:00
Michael Kerrisk
6c3db75479
pid_namespaces.7: readlink(2) on /proc/self gives the caller's PID in the pidns of /proc
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:00 -07:00
Michael Kerrisk
6e377abf9c
pid_namespaces.7: Parent process relationships mirror parent PID namespace relationships
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:00 -07:00
Michael Kerrisk
7a9ab60197
pid_namespaces.7: srcfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:00 -07:00
Michael Kerrisk
546fb4eefe
pid_namespaces.7: Rewrite discussion of nested PID namespaces
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:00 -07:00
Michael Kerrisk
4085d4cde3
pid_namespaces.7: srcfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:00 -07:00
Michael Kerrisk
963e117faf
pid_namespaces.7: Minor wording fix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:59 -07:00
Michael Kerrisk
84030779d2
pid_namespaces.7: Reorganize and add some subheadings
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:59 -07:00
Michael Kerrisk
7e0e902b55
clone.2, getpid.2, credentials.7: Replace reference to namespaces(7) with pid_namespaces(7)
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:59 -07:00
Michael Kerrisk
024d6a8449
namespaces.7: Remove PID namespaces material shifted to pid_namespaces(7)
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:59 -07:00
Michael Kerrisk
a79bacf5f1
pid_namespaces.7: New page splitting PID namespace material out of namespaces(7)
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:59 -07:00
Michael Kerrisk
f58fb24f16
clone.2, seteuid.2, setgid.2, setresuid.2, setreuid.2, setuid.2, unshare.2, capabilities.7, credentials.7: Change reference to namespaces(7) to user_namespaces(7)
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:59 -07:00
Michael Kerrisk
62a5214c57
user_namespaces.7: Reorganize and add some subheadings
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:59 -07:00
Michael Kerrisk
67d1131fd9
namespaces.7: Remove userns material shifted to user_namespaces(7)
...
The user namespaces section was getting long and unwieldy.
Split it into its own page, so that it can be better
structured with subtitles, etc.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:59 -07:00
Michael Kerrisk
046de6a7d7
user_namespaces.7: New page splitting user namespace material out of namespaces(7)
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:59 -07:00
Michael Kerrisk
9552196ecb
namespaces.7: ffix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:59 -07:00
Michael Kerrisk
e67b117c39
namespaces.7: Document association between userns and other namespace types
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:59 -07:00
Michael Kerrisk
365d292a3c
clone.2, unshare.2, namespaces.7: clone() and unshare() fail (EPERM) if caller's UID/GID are not mapped
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:59 -07:00
Michael Kerrisk
1d5adb6f9e
namespaces.7: Userns creation associates eff. GID of creator with the userns
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:59 -07:00
Michael Kerrisk
5eb7f09d7c
namespaces.7: Move text on capabilities in user namespaces
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:59 -07:00
Michael Kerrisk
7f76dc3079
namespaces.7: tfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:59 -07:00
Michael Kerrisk
cda377d2bc
namespaces.7: Clarify use of 'single line' case when writing userns map files
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:59 -07:00
Michael Kerrisk
e2eb61370e
namespaces.7: Note rules regarding capabilities and nested namespaces
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:59 -07:00
Michael Kerrisk
9a80f81d04
namespaces.7: Clarify explanation of nested user namespaces
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:59 -07:00
Michael Kerrisk
6be09bd882
namespaces.7: srcfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:59 -07:00
Michael Kerrisk
fd4eb520d6
namespaces.7: srcfix: Added FIXME
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:59 -07:00
Michael Kerrisk
aa49742066
namespaces.7: Mapping files are empty when a user namespace is first created
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:59 -07:00
Michael Kerrisk
b87dd2afb0
namespaces.7: User namespace ID mappings can be defined via any member process's map
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:59 -07:00
Michael Kerrisk
b2e73e0ce8
namespaces.7: Clarify max # of bytes that can be written to a user namespace map
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:59 -07:00
Michael Kerrisk
3fe8d14797
namespaces.7: Describe semantics of set-user/group-ID programs in a user namespace
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:59 -07:00
Michael Kerrisk
e420879421
namespaces.7: Rewrite EPERM rules for writing to user namespace map file
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:58 -07:00
Michael Kerrisk
1879c18c63
namespaces.7: spfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:58 -07:00
Michael Kerrisk
d70ee6ff45
namespaces.7: wfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:58 -07:00
Michael Kerrisk
6155c4554f
namespaces.7: wfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:58 -07:00
Michael Kerrisk
4d2d9a106f
namespaces.7: Add further EINVAL cases for writes to userspace map files
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:58 -07:00
Michael Kerrisk
8e5924c0a9
namespaces.7: Clarify a detail in permissions for writing to user namespace map files
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:58 -07:00
Michael Kerrisk
cfc50babe7
namespaces.7: Violating rules for writing to user namespace map file yields EPERM
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:58 -07:00
Michael Kerrisk
ed0ce71a31
namespaces.7: ffix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:58 -07:00
Michael Kerrisk
76f89cbea4
namespaces.7: ffix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:58 -07:00