Michael Kerrisk
9ba0180298
getent.1, iconv.1, ldd.1, locale.1, localedef.1, memusage.1, memusagestat.1, pldd.1, sprof.1, time.1, _syscall.2, accept.2, add_key.2, adjtimex.2, bind.2, bpf.2, capget.2, chown.2, chroot.2, clock_getres.2, clone.2, connect.2, copy_file_range.2, epoll_ctl.2, epoll_wait.2, eventfd.2, fanotify_init.2, fanotify_mark.2, fcntl.2, fsync.2, futex.2, getcpu.2, getdents.2, getgid.2, getgroups.2, getpid.2, gettid.2, gettimeofday.2, getuid.2, getxattr.2, inotify_add_watch.2, inotify_init.2, ioctl_fat.2, ioctl_ns.2, ioctl_userfaultfd.2, ioprio_set.2, kcmp.2, kexec_load.2, keyctl.2, listxattr.2, lseek.2, madvise.2, memfd_create.2, migrate_pages.2, mount.2, mprotect.2, mremap.2, msgctl.2, msgop.2, nfsservctl.2, open_by_handle_at.2, perf_event_open.2, pipe.2, pivot_root.2, pkey_alloc.2, poll.2, posix_fadvise.2, prctl.2, readahead.2, readdir.2, readlink.2, reboot.2, recvmmsg.2, removexattr.2, rename.2, request_key.2, s390_guarded_storage.2, s390_runtime_instr.2, s390_sthyi.2, sched_setaffinity.2, sched_setattr.2, sched_setparam.2, seccomp.2, select.2, select_tut.2, semctl.2, sendmmsg.2, set_thread_area.2, setgid.2, setns.2, setuid.2, setxattr.2, shmctl.2, sigaction.2, signalfd.2, sigsuspend.2, socket.2, socketpair.2, spu_run.2, stat.2, statx.2, subpage_prot.2, syscalls.2, sysctl.2, tee.2, timer_create.2, timerfd_create.2, truncate.2, uname.2, unshare.2, userfaultfd.2, ustat.2, vmsplice.2, write.2, CPU_SET.3, __ppc_get_timebase.3, alloca.3, argz_add.3, asprintf.3, backtrace.3, basename.3, bsd_signal.3, bstring.3, bswap.3, bzero.3, cacos.3, cacosh.3, catan.3, catanh.3, catgets.3, clock_getcpuclockid.3, cmsg.3, confstr.3, ctermid.3, ctime.3, des_crypt.3, dl_iterate_phdr.3, dlinfo.3, dlsym.3, duplocale.3, end.3, endian.3, errno.3, exec.3, exit.3, ferror.3, fgetws.3, fmemopen.3, fnmatch.3, fopencookie.3, fputws.3, frexp.3, ftw.3, get_nprocs_conf.3, get_phys_pages.3, getaddrinfo.3, getaddrinfo_a.3, getdate.3, getgrouplist.3, getifaddrs.3, getline.3, getlogin.3, getmntent.3, getnameinfo.3, getopt.3, getpass.3, getprotoent_r.3, getpwnam.3, getservent_r.3, getsubopt.3, glob.3, gnu_get_libc_version.3, hsearch.3, if_nameindex.3, index.3, inet.3, inet_net_pton.3, inet_pton.3, insque.3, isatty.3, iswblank.3, iswspace.3, lockf.3, makecontext.3, mallinfo.3, malloc.3, malloc_hook.3, malloc_info.3, mallopt.3, matherr.3, mbrtowc.3, mbsnrtowcs.3, mbsrtowcs.3, mbstowcs.3, mbtowc.3, mcheck.3, memchr.3, mq_getattr.3, mq_notify.3, newlocale.3, nl_langinfo.3, offsetof.3, perror.3, posix_spawn.3, printf.3, pthread_attr_init.3, pthread_cancel.3, pthread_cleanup_push.3, pthread_getattr_default_np.3, pthread_getattr_np.3, pthread_getcpuclockid.3, pthread_mutexattr_setrobust.3, pthread_rwlockattr_setkind_np.3, pthread_setaffinity_np.3, pthread_setname_np.3, pthread_setschedparam.3, pthread_sigmask.3, putenv.3, qsort.3, rand.3, random.3, readdir.3, regex.3, resolver.3, rpmatch.3, rtime.3, scanf.3, sem_wait.3, setaliasent.3, setbuf.3, stpcpy.3, stpncpy.3, strcat.3, strchr.3, strcmp.3, strcpy.3, strdup.3, strerror.3, strfromd.3, strfry.3, strftime.3, string.3, strlen.3, strnlen.3, strsep.3, strstr.3, strtok.3, strtol.3, strtoul.3, strverscmp.3, strxfrm.3, system.3, termios.3, trunc.3, wcpcpy.3, wcpncpy.3, wcrtomb.3, wcscat.3, wcscpy.3, wcslen.3, wcsncat.3, wcsncmp.3, wcsncpy.3, wcsnlen.3, wcsnrtombs.3, wcsrtombs.3, wcsstr.3, wcstok.3, wcstombs.3, wcwidth.3, wprintf.3, xcrypt.3, console_codes.4, dsp56k.4, full.4, initrd.4, lirc.4, loop.4, st.4, tty.4, vcs.4, charmap.5, core.5, host.conf.5, locale.5, proc.5, repertoiremap.5, resolv.conf.5, termcap.5, tmpfs.5, tzfile.5, aio.7, capabilities.7, cgroup_namespaces.7, cgroups.7, charsets.7, complex.7, epoll.7, fanotify.7, feature_test_macros.7, inotify.7, ip.7, locale.7, man-pages.7, man.7, namespaces.7, pid_namespaces.7, pkeys.7, pthreads.7, rtld-audit.7, sched.7, signal.7, sock_diag.7, socket.7, tcp.7, udp.7, unicode.7, user_namespaces.7, utf-8.7, zdump.8, zic.8: tstamp
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2019-03-06 15:12:10 +01:00
Michael Kerrisk
d1a719857b
locale.1, memusage.1, pldd.1, _syscall.2, add_key.2, bind.2, bpf.2, chown.2, clone.2, copy_file_range.2, eventfd.2, execve.2, futex.2, getdents.2, getrlimit.2, ioctl_fat.2, ioctl_ns.2, kcmp.2, kexec_load.2, keyctl.2, listxattr.2, lseek.2, membarrier.2, memfd_create.2, mmap.2, mprotect.2, msgop.2, open_by_handle_at.2, perf_event_open.2, pipe.2, readdir.2, readlink.2, readv.2, recvmmsg.2, request_key.2, sched_setaffinity.2, seccomp.2, select.2, select_tut.2, sendmmsg.2, setns.2, signalfd.2, spu_run.2, stat.2, sysctl.2, tee.2, timer_create.2, timerfd_create.2, truncate.2, uname.2, unshare.2, userfaultfd.2, ustat.2, wait.2, CPU_SET.3, __ppc_get_timebase.3, argz_add.3, asprintf.3, backtrace.3, basename.3, bswap.3, bzero.3, cacos.3, cacosh.3, catan.3, catanh.3, catgets.3, clock_getcpuclockid.3, confstr.3, ctime.3, dl_iterate_phdr.3, dlinfo.3, duplocale.3, encrypt.3, end.3, endian.3, fgetws.3, fmemopen.3, fopencookie.3, fputws.3, frexp.3, ftw.3, get_nprocs_conf.3, get_phys_pages.3, getaddrinfo.3, getaddrinfo_a.3, getdate.3, getgrouplist.3, getifaddrs.3, getline.3, getlogin.3, getopt.3, getpass.3, getprotoent_r.3, getpwnam.3, getservent_r.3, getsubopt.3, glob.3, gnu_get_libc_version.3, hsearch.3, if_nameindex.3, index.3, inet.3, inet_net_pton.3, inet_pton.3, insque.3, iswblank.3, iswspace.3, makecontext.3, mallinfo.3, malloc_hook.3, malloc_info.3, mallopt.3, matherr.3, mbrtowc.3, mbsnrtowcs.3, mbsrtowcs.3, mbstowcs.3, mbtowc.3, mcheck.3, memchr.3, mq_getattr.3, mq_notify.3, newlocale.3, nl_langinfo.3, offsetof.3, perror.3, posix_spawn.3, printf.3, pthread_attr_init.3, pthread_cancel.3, pthread_cleanup_push.3, pthread_create.3, pthread_getattr_default_np.3, pthread_getattr_np.3, pthread_getcpuclockid.3, pthread_mutexattr_setrobust.3, pthread_setaffinity_np.3, pthread_setname_np.3, pthread_setschedparam.3, pthread_sigmask.3, qsort.3, rand.3, readdir.3, regex.3, rpmatch.3, rtime.3, scanf.3, sem_wait.3, setaliasent.3, setbuf.3, stpcpy.3, stpncpy.3, strcat.3, strchr.3, strcpy.3, strdup.3, strerror.3, strfromd.3, strftime.3, strlen.3, strnlen.3, strsep.3, strstr.3, strtok.3, strtol.3, strtoul.3, strverscmp.3, strxfrm.3, termios.3, tsearch.3, wcpcpy.3, wcpncpy.3, wcrtomb.3, wcscat.3, wcscpy.3, wcslen.3, wcsncat.3, wcsncmp.3, wcsncpy.3, wcsnlen.3, wcsnrtombs.3, wcsrtombs.3, wcsstr.3, wcstok.3, wcstombs.3, wcwidth.3, wprintf.3, console_codes.4, dsp56k.4, full.4, initrd.4, loop.4, vcs.4, charmap.5, core.5, elf.5, locale.5, proc.5, repertoiremap.5, sysfs.5, termcap.5, aio.7, bpf-helpers.7, cgroups.7, charsets.7, complex.7, fanotify.7, feature_test_macros.7, inotify.7, locale.7, man-pages.7, man.7, pkeys.7, pthreads.7, rtld-audit.7, sock_diag.7, unix.7, user_namespaces.7, utf-8.7: Use '\e' rather than '\\' to get a backslash
...
Quoting Branden:
*roff escape sequences may sometimes look like C escapes, but that
is misleading. *roff is in part a macro language and that means
recursive expansion to arbitrary depths.
You can get away with "\\" in a context where no macro expansion
is taking place, but try to spell a literal backslash this way in
the argument to a macro and you will likely be unhappy with
results.
Try viewing the attached file with "man -l".
"\e" is the preferred and portable way to get a portable "escape
literal" going back to CSTR #54 , the original Bell Labs troff
paper.
groff(7) discusses the issue:
\\ reduces to a single backslash; useful to delay its
interpretation as escape character in copy mode. For a
printable backslash, use \e, or even better \[rs], to be
independent from the current escape character.
As of groff 1.22.4, groff_man(7) does as well:
\e Widely used in man pages to represent a backslash output
glyph. It works reliably as long as the .ec request is
not used, which should never happen in man pages, and it
is slightly more portable than the more exact ‘\(rs’
(“reverse solidus”) escape sequence.
People not concerned with portability to extremely old troffs should
probably just use \(rs (or \[rs]), as it means "the backslash
glyph", not "the glyph corresponding to whatever the current escape
character is".
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2019-02-27 15:32:50 +01:00
Michael Kerrisk
44449eb99f
locale.7, user_namespaces.7: ffix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2019-02-27 10:25:56 +01:00
Jakub Wilk
b784b9d50f
user_namespaces.7: tfix
...
Signed-off-by: Jakub Wilk <jwilk@jwilk.net>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2018-11-09 16:02:07 +01:00
Michael Kerrisk
c6c28d527d
user_namespaces.7: ffix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2018-11-02 13:52:24 +01:00
Michael Kerrisk
6e8a3b421b
user_namespaces.7: wfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2018-10-31 08:47:02 +01:00
Michael Kerrisk
29af6f1a59
user_namespaces.7: Rework terminology describing ownership of nonuser namespaces
...
Prefer the word "owns" rather than "associated with" when
describing the relationship between user namespaces and non-user
namespaces. The existing text used a mix of the two terms, with
"associated with" being predominant, but to my ear, describing the
relationship as "ownership" is more comprehensible.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2018-10-31 08:31:47 +01:00
Lucas Werkmeister
8bd6881ea9
user_namespaces.7: wfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2018-08-18 09:45:06 +02:00
Michael Kerrisk
aeeb48005e
user_namespaces.7: wfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2018-02-23 10:38:47 +01:00
Michael Kerrisk
8538a62b4c
iconv.1, bpf.2, copy_file_range.2, fcntl.2, memfd_create.2, mlock.2, mount.2, mprotect.2, perf_event_open.2, pkey_alloc.2, prctl.2, read.2, recvmmsg.2, s390_sthyi.2, seccomp.2, sendmmsg.2, syscalls.2, unshare.2, write.2, errno.3, fgetpwent.3, fts.3, pthread_rwlockattr_setkind_np.3, fuse.4, veth.4, capabilities.7, cgroups.7, ip.7, man-pages.7, namespaces.7, network_namespaces.7, sched.7, socket.7, user_namespaces.7, iconvconfig.8: tstamp
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2018-02-02 07:38:54 +01:00
Michael Kerrisk
54b9d7bf87
user_namespaces.7: tfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-12-06 15:05:15 +01:00
Michael Kerrisk
8e821c3aa8
user_namespaces.7: Mention NS_GET_OWNER_UID ioctl() operation
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-12-02 09:22:40 +01:00
Michael Kerrisk
f2c2c3083f
user_namespaces.7: tfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-11-19 09:56:40 +01:00
Michael Kerrisk
2660d01041
user_namespaces.7: Restore historical details about UID maps
...
Christian Brauner's patch added the Linux 4.15 details,
but we need to retain the historical details.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-11-19 09:56:35 +01:00
Christian Brauner
dc04b65274
user_namespaces.7: Document new 340 line idmap limit
...
This patch documents the following kernel commit:
commit 6397fac4915ab3002dc15aae751455da1a852f25
Author: Christian Brauner <christian.brauner@ubuntu.com>
Date: Wed Oct 25 00:04:41 2017 +0200
userns: bump idmap limits to 340
Since Linux 4.15 the number of idmap lines has been bumped to 340.
The patch also removes the "(arbitrary)" in "There is an
(arbitrary) limit on the number of lines in the file." since the
340 line limit is well-explained by the current implementation.
The struct recording the idmaps is 12 bytes and quite some proc
files only allow writes the size of a single page size which is
4096kB. This leaves room for 340 idmappings (340 * 12 = 4080
bytes). The struct layout itself has been chosen very carefully
to allow for an implementation that limits the time-complexity for
the idmap codepaths to O(log n). However, I think it's unnecessary
to expose this much implementation detail to users in the man
page. So only mention this in the commit message. Furthermore,
the comment about the page size restriction is misleading. The
kernel sources show that >= page size is considered an error.
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-11-19 09:46:07 +01:00
Michael Kerrisk
a23d8efafc
capget.2, fanotify_init.2, fcntl.2, ioctl_tty.2, madvise.2, mbind.2, prctl.2, sched_setaffinity.2, hash.3, isgreater.3, posix_fallocate.3, sigvec.3, full.4, sd.4, wavelan.4, core.5, host.conf.5, epoll.7, signal.7, unix.7, user_namespaces.7: wfix (will fail --> fail/fails)
...
Reported-by: Pedro Alves <palves@redhat.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-10-20 16:36:57 +02:00
Michael Kerrisk
4b8c67d976
iconv.1, ldd.1, locale.1, localedef.1, memusage.1, memusagestat.1, mtrace.1, pldd.1, sprof.1, time.1, _syscall.2, add_key.2, alloc_hugepages.2, arch_prctl.2, bpf.2, cacheflush.2, capget.2, chdir.2, chmod.2, chown.2, chroot.2, clock_getres.2, clock_nanosleep.2, clone.2, close.2, connect.2, copy_file_range.2, create_module.2, delete_module.2, dup.2, epoll_create.2, epoll_ctl.2, epoll_wait.2, eventfd.2, execve.2, execveat.2, fallocate.2, fanotify_init.2, fcntl.2, flock.2, fork.2, fsync.2, futex.2, futimesat.2, get_kernel_syms.2, get_mempolicy.2, get_robust_list.2, getcpu.2, getdents.2, getdomainname.2, getgid.2, getgroups.2, gethostname.2, getitimer.2, getpagesize.2, getpeername.2, getpriority.2, getrandom.2, getresuid.2, getrlimit.2, getrusage.2, getsid.2, getsockname.2, getsockopt.2, gettid.2, gettimeofday.2, getuid.2, getunwind.2, init_module.2, inotify_add_watch.2, inotify_init.2, inotify_rm_watch.2, intro.2, io_cancel.2, io_destroy.2, io_getevents.2, io_setup.2, io_submit.2, ioctl_console.2, ioctl_fat.2, ioctl_ficlonerange.2, ioctl_fideduperange.2, ioctl_getfsmap.2, ioctl_iflags.2, ioctl_list.2, ioctl_ns.2, ioctl_tty.2, ioctl_userfaultfd.2, ioperm.2, iopl.2, ioprio_set.2, ipc.2, kcmp.2, kexec_load.2, keyctl.2, kill.2, link.2, listen.2, listxattr.2, llseek.2, lookup_dcookie.2, lseek.2, madvise.2, mbind.2, membarrier.2, memfd_create.2, migrate_pages.2, mincore.2, mkdir.2, mknod.2, mlock.2, mmap.2, mmap2.2, modify_ldt.2, move_pages.2, mprotect.2, mq_getsetattr.2, mremap.2, msgctl.2, msgget.2, msgop.2, msync.2, nanosleep.2, nfsservctl.2, nice.2, open.2, open_by_handle_at.2, outb.2, perf_event_open.2, perfmonctl.2, personality.2, pivot_root.2, pkey_alloc.2, poll.2, posix_fadvise.2, prctl.2, pread.2, process_vm_readv.2, ptrace.2, query_module.2, quotactl.2, read.2, readahead.2, readdir.2, readlink.2, readv.2, reboot.2, recv.2, recvmmsg.2, remap_file_pages.2, rename.2, request_key.2, restart_syscall.2, rt_sigqueueinfo.2, s390_pci_mmio_write.2, s390_runtime_instr.2, sched_get_priority_max.2, sched_rr_get_interval.2, sched_setaffinity.2, sched_setattr.2, sched_setparam.2, sched_setscheduler.2, sched_yield.2, seccomp.2, select.2, select_tut.2, semctl.2, semget.2, semop.2, send.2, sendfile.2, sendmmsg.2, set_mempolicy.2, set_thread_area.2, set_tid_address.2, seteuid.2, setfsgid.2, setfsuid.2, setgid.2, setns.2, setpgid.2, setresuid.2, setreuid.2, setsid.2, setuid.2, sgetmask.2, shmctl.2, shmget.2, shmop.2, sigaction.2, sigaltstack.2, signal.2, sigpending.2, sigprocmask.2, sigreturn.2, sigsuspend.2, sigwaitinfo.2, socket.2, socketcall.2, socketpair.2, splice.2, spu_create.2, spu_run.2, stat.2, statfs.2, statx.2, subpage_prot.2, swapon.2, symlink.2, sync.2, sync_file_range.2, syscall.2, syscalls.2, sysctl.2, sysfs.2, sysinfo.2, syslog.2, tee.2, time.2, timer_create.2, timer_getoverrun.2, timer_settime.2, timerfd_create.2, times.2, tkill.2, truncate.2, umask.2, umount.2, uname.2, unimplemented.2, unlink.2, unshare.2, uselib.2, userfaultfd.2, ustat.2, utime.2, utimensat.2, vfork.2, vmsplice.2, wait.2, wait4.2, write.2, CPU_SET.3, INFINITY.3, __ppc_get_timebase.3, __ppc_set_ppr_med.3, __ppc_yield.3, __setfpucw.3, acos.3, acosh.3, adjtime.3, aio_fsync.3, aio_init.3, aio_read.3, aio_return.3, aio_suspend.3, aio_write.3, alloca.3, argz_add.3, asin.3, asinh.3, asprintf.3, assert.3, assert_perror.3, atan.3, atan2.3, atanh.3, atexit.3, backtrace.3, basename.3, bindresvport.3, bsd_signal.3, bsearch.3, bswap.3, btree.3, byteorder.3, bzero.3, canonicalize_file_name.3, carg.3, cbrt.3, ccos.3, ccosh.3, ceil.3, cexp.3, cfree.3, clearenv.3, clock.3, clock_getcpuclockid.3, clog.3, clog10.3, clog2.3, cmsg.3, confstr.3, copysign.3, cos.3, cosh.3, crypt.3, csin.3, csinh.3, csqrt.3, ctan.3, ctanh.3, ctime.3, dbopen.3, dl_iterate_phdr.3, dladdr.3, dlerror.3, dlinfo.3, dlopen.3, dlsym.3, drand48.3, drand48_r.3, duplocale.3, encrypt.3, end.3, endian.3, envz_add.3, erf.3, erfc.3, err.3, errno.3, error.3, ether_aton.3, euidaccess.3, exec.3, exit.3, exp.3, exp10.3, exp2.3, expm1.3, fabs.3, fcloseall.3, fdim.3, fenv.3, ferror.3, fexecve.3, fflush.3, ffs.3, fgetc.3, fgetgrent.3, fgetpwent.3, finite.3, floor.3, fma.3, fmax.3, fmemopen.3, fmin.3, fmod.3, fmtmsg.3, fopen.3, fopencookie.3, fpclassify.3, fpurge.3, fputwc.3, fputws.3, frexp.3, fseek.3, fseeko.3, ftime.3, fts.3, ftw.3, futimes.3, gamma.3, gcvt.3, get_nprocs_conf.3, get_phys_pages.3, getaddrinfo.3, getaddrinfo_a.3, getauxval.3, getcontext.3, getcwd.3, getdate.3, getentropy.3, getenv.3, getfsent.3, getgrent.3, getgrent_r.3, getgrnam.3, getgrouplist.3, gethostbyname.3, gethostid.3, getifaddrs.3, getipnodebyname.3, getline.3, getlogin.3, getmntent.3, getnameinfo.3, getnetent.3, getnetent_r.3, getopt.3, getprotoent.3, getprotoent_r.3, getpw.3, getpwent.3, getpwent_r.3, getpwnam.3, getrpcent.3, getrpcent_r.3, getrpcport.3, gets.3, getservent.3, getservent_r.3, getspnam.3, getsubopt.3, getttyent.3, getumask.3, getutent.3, getwchar.3, glob.3, gnu_get_libc_version.3, grantpt.3, gsignal.3, hash.3, hsearch.3, hypot.3, iconv.3, iconv_close.3, iconv_open.3, if_nameindex.3, if_nametoindex.3, ilogb.3, inet.3, inet_net_pton.3, inet_ntop.3, inet_pton.3, initgroups.3, insque.3, intro.3, isalpha.3, isgreater.3, j0.3, key_setsecret.3, killpg.3, ldexp.3, lgamma.3, lio_listio.3, lockf.3, log.3, log10.3, log1p.3, log2.3, logb.3, login.3, lrint.3, lround.3, lsearch.3, lseek64.3, makecontext.3, makedev.3, mallinfo.3, malloc.3, malloc_get_state.3, malloc_info.3, malloc_stats.3, malloc_trim.3, malloc_usable_size.3, mallopt.3, matherr.3, mbsnrtowcs.3, mbsrtowcs.3, mbstowcs.3, mcheck.3, memccpy.3, memchr.3, memcmp.3, memcpy.3, mkfifo.3, mkstemp.3, mktemp.3, modf.3, mpool.3, mq_close.3, mq_getattr.3, mq_notify.3, mq_open.3, mq_receive.3, mq_send.3, mtrace.3, newlocale.3, nextafter.3, nextup.3, nl_langinfo.3, ntp_gettime.3, offsetof.3, on_exit.3, open_memstream.3, opendir.3, openpty.3, perror.3, popen.3, posix_fallocate.3, posix_madvise.3, posix_memalign.3, posix_openpt.3, posix_spawn.3, pow.3, pow10.3, printf.3, profil.3, program_invocation_name.3, psignal.3, pthread_atfork.3, pthread_attr_init.3, pthread_attr_setaffinity_np.3, pthread_attr_setdetachstate.3, pthread_attr_setguardsize.3, pthread_attr_setinheritsched.3, pthread_attr_setschedparam.3, pthread_attr_setschedpolicy.3, pthread_attr_setscope.3, pthread_attr_setstack.3, pthread_attr_setstackaddr.3, pthread_attr_setstacksize.3, pthread_cancel.3, pthread_cleanup_push.3, pthread_cleanup_push_defer_np.3, pthread_create.3, pthread_detach.3, pthread_exit.3, pthread_getattr_default_np.3, pthread_getattr_np.3, pthread_getcpuclockid.3, pthread_join.3, pthread_kill.3, pthread_kill_other_threads_np.3, pthread_self.3, pthread_setaffinity_np.3, pthread_setcancelstate.3, pthread_setconcurrency.3, pthread_setname_np.3, pthread_setschedparam.3, pthread_sigmask.3, pthread_sigqueue.3, pthread_testcancel.3, pthread_tryjoin_np.3, ptsname.3, putgrent.3, putpwent.3, qsort.3, random.3, random_r.3, rcmd.3, re_comp.3, readdir.3, realpath.3, recno.3, regex.3, remainder.3, remove.3, remquo.3, resolver.3, rexec.3, rint.3, round.3, rpc.3, rpmatch.3, rtime.3, scalb.3, scalbln.3, scandir.3, scanf.3, sched_getcpu.3, sem_close.3, sem_destroy.3, sem_getvalue.3, sem_init.3, sem_open.3, sem_wait.3, setaliasent.3, setbuf.3, setenv.3, setlocale.3, setlogmask.3, setnetgrent.3, shm_open.3, signbit.3, significand.3, sigpause.3, sigqueue.3, sigset.3, sigvec.3, sin.3, sincos.3, sinh.3, sleep.3, sockatmark.3, sqrt.3, statvfs.3, stdarg.3, stdin.3, strcasecmp.3, strcat.3, strchr.3, strcoll.3, strcpy.3, strdup.3, strerror.3, strfmon.3, strfromd.3, strftime.3, strptime.3, strsignal.3, strstr.3, strtod.3, strtok.3, strtol.3, strtoul.3, strverscmp.3, syslog.3, system.3, sysv_signal.3, tan.3, tanh.3, telldir.3, tempnam.3, termios.3, tgamma.3, timeradd.3, tmpnam.3, toupper.3, towlower.3, towupper.3, trunc.3, ttyslot.3, tzset.3, ualarm.3, ulimit.3, undocumented.3, unlocked_stdio.3, updwtmp.3, uselocale.3, usleep.3, wcrtomb.3, wcsdup.3, wcsnrtombs.3, wcsrtombs.3, wcstombs.3, wctob.3, wcwidth.3, wordexp.3, wprintf.3, xcrypt.3, xdr.3, y0.3, cciss.4, console_codes.4, dsp56k.4, fuse.4, hd.4, hpsa.4, initrd.4, intro.4, loop.4, random.4, rtc.4, sd.4, sk98lin.4, st.4, wavelan.4, acct.5, core.5, elf.5, filesystems.5, host.conf.5, hosts.5, locale.5, nologin.5, proc.5, resolv.conf.5, rpc.5, slabinfo.5, utmp.5, aio.7, arp.7, bootparam.7, capabilities.7, cgroup_namespaces.7, cgroups.7, charsets.7, cpuset.7, ddp.7, environ.7, epoll.7, fanotify.7, feature_test_macros.7, futex.7, inode.7, inotify.7, ip.7, ipv6.7, keyrings.7, locale.7, man-pages.7, man.7, math_error.7, mount_namespaces.7, mq_overview.7, namespaces.7, netdevice.7, netlink.7, packet.7, pipe.7, pkeys.7, pthreads.7, pty.7, raw.7, rtld-audit.7, rtnetlink.7, sched.7, session-keyring.7, signal.7, sock_diag.7, socket.7, spufs.7, suffixes.7, tcp.7, udp.7, udplite.7, unicode.7, units.7, unix.7, uri.7, user_namespaces.7, vdso.7, x25.7, xattr.7, iconvconfig.8, ld.so.8, ldconfig.8, sln.8: Update timestamps
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-09-15 12:44:56 +02:00
Michael Kerrisk
b8302363ed
execve.2, ioctl_console.2, ioctl_iflags.2, ioctl_ns.2, ioctl_userfaultfd.2, kcmp.2, kexec_load.2, keyctl.2, link.2, listxattr.2, membarrier.2, memfd_create.2, mmap.2, modify_ldt.2, mprotect.2, msgctl.2, nanosleep.2, open_by_handle_at.2, perf_event_open.2, poll.2, posix_fadvise.2, process_vm_readv.2, ptrace.2, query_module.2, quotactl.2, readdir.2, readv.2, recv.2, recvmmsg.2, request_key.2, sched_rr_get_interval.2, sched_setaffinity.2, sched_setattr.2, sched_setscheduler.2, seccomp.2, select.2, select_tut.2, semctl.2, semop.2, send.2, sendmmsg.2, set_thread_area.2, setns.2, shmctl.2, shmget.2, sigaction.2, sigaltstack.2, signal.2, sigwaitinfo.2, stat.2, statfs.2, statx.2, sync_file_range.2, syscall.2, sysctl.2, sysinfo.2, tee.2, timer_create.2, timer_settime.2, timerfd_create.2, unshare.2, userfaultfd.2, ustat.2, utime.2, utimensat.2, vmsplice.2, wait.2, adjtime.3, aio_init.3, backtrace.3, basename.3, bswap.3, btree.3, clock_getcpuclockid.3, cmsg.3, confstr.3, dbopen.3, dl_iterate_phdr.3, dladdr.3, dlinfo.3, dlopen.3, duplocale.3, encrypt.3, end.3, endian.3, err.3, errno.3, ether_aton.3, fgetgrent.3, fgetpwent.3, fmemopen.3, frexp.3, ftime.3, fts.3, getaddrinfo.3, getaddrinfo_a.3, getdate.3, getfsent.3, getgrent.3, getgrent_r.3, getgrnam.3, getgrouplist.3, gethostbyname.3, getifaddrs.3, getipnodebyname.3, getmntent.3, getnameinfo.3, getnetent.3, getopt.3, getprotoent.3, getprotoent_r.3, getpw.3, getpwent.3, getpwent_r.3, getpwnam.3, getrpcent.3, getservent.3, getservent_r.3, getspnam.3, getttyent.3, glob.3, gnu_get_libc_version.3, hash.3, hsearch.3, if_nameindex.3, inet.3, inet_net_pton.3, inet_pton.3, insque.3, isalpha.3, makecontext.3, mallinfo.3, malloc_info.3, mallopt.3, matherr.3, mbstowcs.3, mcheck.3, memchr.3, mq_getattr.3, mq_open.3, mq_receive.3, mq_send.3, mtrace.3, newlocale.3, ntp_gettime.3, posix_openpt.3, printf.3, pthread_attr_init.3, pthread_attr_setschedparam.3, pthread_cancel.3, pthread_cleanup_push.3, pthread_cleanup_push_defer_np.3, pthread_create.3, pthread_getattr_default_np.3, pthread_getattr_np.3, pthread_getcpuclockid.3, pthread_setname_np.3, pthread_setschedparam.3, pthread_sigmask.3, pthread_tryjoin_np.3, readdir.3, realpath.3, recno.3, regex.3, rpc.3, scanf.3, sched_getcpu.3, sem_wait.3, setaliasent.3, sigqueue.3, statvfs.3, strcat.3, strcpy.3, strftime.3, strtok.3, strtol.3, strverscmp.3, toupper.3, ttyslot.3, xdr.3, fuse.4, loop.4, rtc.4, st.4, acct.5, core.5, elf.5, slabinfo.5, aio.7, arp.7, capabilities.7, cgroup_namespaces.7, cgroups.7, ddp.7, fanotify.7, feature_test_macros.7, inode.7, inotify.7, ip.7, keyrings.7, locale.7, mount_namespaces.7, namespaces.7, netdevice.7, netlink.7, packet.7, pkeys.7, pthreads.7, sched.7, session-keyring.7, sock_diag.7, socket.7, spufs.7, udplite.7, unix.7, user_namespaces.7, vdso.7, x25.7, ld.so.8: Use consistent markup for code snippets
...
Change .nf/.fi to .EX/.EE
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-08-19 13:47:27 +02:00
Michael Kerrisk
a721e8b25f
aio.7, arp.7, attributes.7, boot.7, cgroups.7, cpuset.7, credentials.7, fanotify.7, fifo.7, glob.7, hier.7, hostname.7, icmp.7, inode.7, inotify.7, keyrings.7, libc.7, mailaddr.7, mount_namespaces.7, mq_overview.7, nptl.7, numa.7, path_resolution.7, persistent-keyring.7, pid_namespaces.7, pipe.7, pkeys.7, process-keyring.7, pthreads.7, pty.7, random.7, sched.7, sem_overview.7, session-keyring.7, shm_overview.7, signal-safety.7, signal.7, spufs.7, standards.7, symlink.7, termio.7, thread-keyring.7, time.7, unicode.7, user-keyring.7, user-session-keyring.7, user_namespaces.7, utf-8.7, xattr.7: ffix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-08-18 00:59:04 +02:00
Michael Kerrisk
6545cc56e0
dir_colors.5, feature_test_macros.7, glob.7, ip.7, ipv6.7, man-pages.7, man.7, netdevice.7, rtnetlink.7, socket.7, svipc.7, tcp.7, units.7, user_namespaces.7: ffix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-08-18 00:55:49 +02:00
Michael Kerrisk
e7d0bb4715
memusage.1, clone.2, eventfd.2, futex.2, getdents.2, ioctl_fat.2, ioctl_ns.2, kcmp.2, keyctl.2, mmap.2, mprotect.2, msgop.2, recvmmsg.2, request_key.2, sched_setaffinity.2, seccomp.2, setns.2, tee.2, timer_create.2, timerfd_create.2, unshare.2, userfaultfd.2, wait.2, __ppc_get_timebase.3, backtrace.3, bswap.3, clock_getcpuclockid.3, dl_iterate_phdr.3, dlinfo.3, dlopen.3, duplocale.3, end.3, endian.3, fmemopen.3, fopencookie.3, frexp.3, ftw.3, getdate.3, getgrouplist.3, getifaddrs.3, getprotoent_r.3, getservent_r.3, gnu_get_libc_version.3, if_nameindex.3, inet.3, inet_net_pton.3, inet_pton.3, insque.3, makecontext.3, mallinfo.3, malloc_info.3, mallopt.3, matherr.3, mbstowcs.3, mcheck.3, mq_getattr.3, mq_notify.3, newlocale.3, offsetof.3, posix_spawn.3, pthread_attr_init.3, pthread_cancel.3, pthread_cleanup_push.3, pthread_create.3, pthread_getattr_default_np.3, pthread_getattr_np.3, pthread_getcpuclockid.3, pthread_setname_np.3, pthread_setschedparam.3, pthread_sigmask.3, scandir.3, sem_wait.3, strcat.3, strftime.3, strtok.3, strtol.3, strverscmp.3, loop.4, core.5, aio.7, fanotify.7, feature_test_macros.7, inotify.7, pkeys.7, unix.7, user_namespaces.7: Use .EX/.EE for EXAMPLE programs
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-08-16 10:44:33 +02:00
Michael Kerrisk
734882f4c4
_exit.2, alarm.2, chmod.2, clone.2, epoll_ctl.2, fcntl.2, fork.2, fsync.2, getdents.2, getpid.2, ioctl.2, ioctl_console.2, ioctl_list.2, ioctl_ns.2, ioctl_tty.2, ioctl_userfaultfd.2, kexec_load.2, lseek.2, mincore.2, mkdir.2, mknod.2, mmap.2, open.2, poll.2, posix_fadvise.2, prctl.2, rename.2, sched_setaffinity.2, select.2, select_tut.2, sigaction.2, signalfd.2, sigprocmask.2, sigwaitinfo.2, socketcall.2, stat.2, statx.2, syscalls.2, truncate.2, umask.2, unshare.2, userfaultfd.2, utime.2, utimensat.2, wait.2, bzero.3, cfree.3, exit.3, getentropy.3, grantpt.3, insque.3, shm_open.3, syslog.3, termios.3, ttyname.3, wcsdup.3, console_codes.4, tty.4, vcs.4, elf.5, nsswitch.conf.5, proc.5, slabinfo.5, tmpfs.5, bootparam.7, environ.7, hostname.7, inotify.7, mailaddr.7, man-pages.7, namespaces.7, pid_namespaces.7, pthreads.7, pty.7, sem_overview.7, signal.7, socket.7, tcp.7, termio.7, user_namespaces.7, xattr.7, ld.so.8, zdump.8: tstamp
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-05-03 19:27:48 +02:00
Stephan Bergmann
a2b1485b5f
user_namespaces.7: Fixes to example
...
While toying around with the userns_child_exec example program on the
user_namespaces(7) man page, I noticed two things:
* In the EXAMPLE section, we need to mount the new /proc before
looking at /proc/$$/status, otherwise the latter will print
information about the outer namespace's PID 1 (i.e., the real
init). So the two paragraphs need to be swapped.
* In the program source, make sure to close pipe_fd[0] in the
child before exec'ing.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-05-03 19:20:50 +02:00
Michael Kerrisk
09860f3162
pid_namespaces.7, user_namespaces.7: Adjust references to namespaces(7) to ioctl_ns(2)
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-01-09 15:48:57 +13:00
Michael Kerrisk
9d85c78908
user_namespaces.7: Change page cross reference: keyctl(2) ==> keyrings(7)
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-12-27 09:36:21 +01:00
Michael Kerrisk
35deeb8703
bind.2, chmod.2, chown.2, chroot.2, clock_getres.2, clone.2, connect.2, dup.2, fallocate.2, get_mempolicy.2, getpeername.2, getpriority.2, getsockname.2, getsockopt.2, gettimeofday.2, ioctl_ficlonerange.2, ioctl_fideduperange.2, kill.2, mbind.2, mmap.2, mount.2, mprotect.2, nfsservctl.2, nice.2, open.2, perf_event_open.2, pipe.2, pkey_alloc.2, prctl.2, ptrace.2, quotactl.2, remap_file_pages.2, sched_setscheduler.2, set_mempolicy.2, signal.2, signalfd.2, swapon.2, sync_file_range.2, syscalls.2, timer_create.2, timerfd_create.2, utime.2, utimensat.2, wait.2, atof.3, ctime.3, errno.3, fclose.3, fflush.3, insque.3, malloc_get_state.3, mallopt.3, mbsnrtowcs.3, mq_close.3, mq_open.3, mq_receive.3, mq_send.3, printf.3, pthread_attr_init.3, pthread_create.3, pthread_setaffinity_np.3, ptsname.3, remainder.3, strtod.3, tgamma.3, timegm.3, tmpnam.3, ttyname.3, console_ioctl.4, elf.5, filesystems.5, proc.5, utmp.5, capabilities.7, cgroups.7, credentials.7, ddp.7, feature_test_macros.7, fifo.7, inotify.7, libc.7, mount_namespaces.7, namespaces.7, netlink.7, pid_namespaces.7, pkeys.7, shm_overview.7, standards.7, uri.7, user_namespaces.7: tstamp
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-12-12 10:45:24 +01:00
Michael Kerrisk
4bfc202622
mount_namespaces.7, user_namespaces.7: Migrate subsection on mount restrictions to mount_namespaces(7)
...
This section material in the user_namespaces(7) page was written
before the creation of the mount_namespaces(7) manual page.
Nowadays, this material properly belongs in the newer page.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-12-12 07:28:52 +01:00
Michael Kerrisk
414908519d
user_namespaces.7: Add reference to namespaces(7) for NS_GET_USERNS operation
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-12-12 07:27:23 +01:00
Michael Kerrisk
7af6863be7
user_namespaces.7: Add reference to namespaces(7) for NS_GET_PARENT operation
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-12-12 07:27:23 +01:00
Michael Kerrisk
791ea4b39c
user_namespaces.7: ffix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-12-11 11:07:19 +01:00
Michael Kerrisk
b64fbdca61
user_namespaces.7: wfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-11-11 09:38:06 +01:00
Michael Kerrisk
4e07c70f90
fallocate.2, fcntl.2, lseek.2, madvise.2, memfd_create.2, mmap.2, remap_file_pages.2, swapon.2, proc.5, cgroups.7, shm_overview.7, user_namespaces.7: Fix cross references to new tmpfs(5) page
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-11-07 16:21:41 +01:00
Michael Kerrisk
c63b745431
user_namespaces.7: srcfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-10-31 16:44:08 +01:00
Michael Kerrisk
750653a812
getrusage.2, madvise.2, memfd_create.2, mlock.2, mount.2, getauxval.3, core.5, capabilities.7, pid_namespaces.7, symlink.7, user_namespaces.7: Consistently use /proc/[pid] (not /proc/PID)
...
Reported-by: Mike Frysinger <vapier@gentoo.org>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-10-07 22:47:23 +02:00
Michael Kerrisk
a4680ab51d
user_namespaces.7: tfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-08-08 05:54:16 +10:00
Michael Kerrisk
3525268cbd
user_namespaces.7: Fix order of SEE ALSO entries
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-08-08 05:54:14 +10:00
Michael Kerrisk
3df541c0e6
ldd.1, localedef.1, add_key.2, chroot.2, clone.2, fork.2, futex.2, get_mempolicy.2, get_robust_list.2, getitimer.2, getpriority.2, ioctl.2, ioctl_ficlonerange.2, ioctl_fideduperange.2, kcmp.2, kill.2, lookup_dcookie.2, mmap.2, mount.2, open.2, pciconfig_read.2, perf_event_open.2, prctl.2, process_vm_readv.2, ptrace.2, quotactl.2, recv.2, setfsgid.2, setfsuid.2, sysinfo.2, umask.2, umount.2, unshare.2, utimensat.2, wait.2, assert.3, fmax.3, fmin.3, getauxval.3, inet_pton.3, malloc_hook.3, memmem.3, mkdtemp.3, mktemp.3, printf.3, strcasecmp.3, strcat.3, strtoul.3, strxfrm.3, console_codes.4, console_ioctl.4, lirc.4, tty.4, vcs.4, charmap.5, elf.5, locale.5, proc.5, repertoiremap.5, utmp.5, capabilities.7, cgroup_namespaces.7, cgroups.7, charsets.7, cp1251.7, cp1252.7, credentials.7, feature_test_macros.7, iso_8859-1.7, iso_8859-15.7, iso_8859-5.7, koi8-r.7, koi8-u.7, man-pages.7, mount_namespaces.7, namespaces.7, netlink.7, pid_namespaces.7, unix.7, user_namespaces.7, utf-8.7: tstamp
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-07-17 18:10:19 +02:00
Michael Kerrisk
8c74a1cea4
user_namespaces.7: Clarify details of CAP_SYS_ADMIN and cgroup v1 mounts
...
With respect to cgroups version 1, CAP_SYS_ADMIN in the user
namespace allows only *named* hierarchies to be mounted (and
not hierarchies that have a controller).
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-07-07 14:30:01 +02:00
Michael Kerrisk
c7e077eaa4
user_namespaces.7: wfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-07-07 13:59:24 +02:00
Michael Kerrisk
fa7ae0ea13
user_namespaces.7: Correct kernel version where XFS added support for user namespaces
...
Linux 3.12, not 3.11.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-30 06:08:18 +02:00
Michael Kerrisk
801245a110
user_namespaces.7: SEE ALSO: add ptrace(2)
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-29 07:06:30 +02:00
Michael Kerrisk
687d3f4aef
user_namespaces.7: Correct user namespace rules for mounting /proc
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-26 16:31:44 +02:00
Michael Kerrisk
7e52299f66
user_namespaces.7: CAP_SYS_ADMIN allows mounting cgroup filesystems
...
See https://bugzilla.kernel.org/show_bug.cgi?id=120671
Reported-by: Michał Zegan <webczat_200@poczta.onet.pl>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-26 16:11:30 +02:00
Michael Kerrisk
8a9fb19dbd
user_namespaces.7: Clarify CAP_SYS_ADMIN details for mounting FS_USERNS_MOUNT filesystems
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-26 16:09:06 +02:00
Michael Kerrisk
32efecaab8
user_namespaces.7: List the mount operations permitted by CAP_SYS_ADMIN
...
List the mount operations permitted by CAP_SYS_ADMIN in a
noninitial userns.
See https://bugzilla.kernel.org/show_bug.cgi?id=120671
Reported-by: Michał Zegan <webczat_200@poczta.onet.pl>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-21 13:55:07 +02:00
Michael Kerrisk
2304b0d740
user_namespaces.7: Add a subsection heading for effects of capabilities in user NS
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-21 13:55:07 +02:00
Michael Kerrisk
89070c1a7c
user_namespaces.7: Clarify meaning of privilege in a user namespace
...
Having privilege in a user NS only allows privileged
operations on resources governed by that user NS. Many
privileged operations relate to resources that have no
association with any namespace type, and only processes
with privilege in the initial user NS can perform those
operations.
See https://bugzilla.kernel.org/show_bug.cgi?id=120671
Reported-by: Michał Zegan <webczat_200@poczta.onet.pl>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-21 10:48:43 +02:00
Michael Kerrisk
3afb0c6a8e
user_namespaces.7: SEE ALSO: add cgroup_namespaces(7)
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-21 10:25:14 +02:00
Michael Kerrisk
7ea1c45ebd
user_namespaces.7: Describe a concrete example of capability checking
...
Add a concrete example of how the kernel checks capabilities in
an associated user namespace when a process attempts a privileged
operation.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-21 10:25:14 +02:00
Michael Kerrisk
06999763ba
user_namespaces.7: Minor wording fix
...
Avoid listing all namespace types in a couple of places,
since such a list is subject to bit rot as the number
of namespace types grows.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-21 10:25:14 +02:00