Michael Kerrisk
7a30282c0d
namespaces.7: srcfix: Add Eric Biederman to copyright holders
...
The pieces on uid_map, gd_map and CLONE_NEWUSER were
originally drafted (in other pages) by Eric Biederman.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:57 -07:00
Michael Kerrisk
9387987bbb
namespaces.7: wfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:57 -07:00
Michael Kerrisk
f2752f9088
namespaces.7: Add 'ls -l' example of /proc/PID/ns
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:57 -07:00
Michael Kerrisk
4effb5bec3
getpid.2, mount.2, uname.2, proc.5, credentials.7, mq_overview.7, svipc.7: SEE ALSO: add namespaces(7)
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:57 -07:00
Michael Kerrisk
41096af101
clone.2, setns.2, unshare.2: SEE ALSO: add namespaces(7); remove proc(5)
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:57 -07:00
Michael Kerrisk
13009cfaa6
setns.2: Change page xref from proc(5) to namespaces(7)
2014-09-13 20:15:57 -07:00
Michael Kerrisk
663e3be88a
clone.2: ffix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:57 -07:00
Michael Kerrisk
ab5dd83f7a
clone.2: Standardize text on CLONE_NEW* flags and CAP_SYS_ADMIN
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:57 -07:00
Michael Kerrisk
83d9e9b2bc
clone.2, namespaces.7: Move some CLONE_NEWUTS text from clone.2 to namespaces.7
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:57 -07:00
Michael Kerrisk
9cc7ad66df
clone.2: Remove CLONE_NEWUTS text that is duplicated in namespaces(7)
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:57 -07:00
Michael Kerrisk
9d005472a8
clone.2, namespaces.7: Move some CLONE_NEWUSER text from clone.2 to namespaces.7
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:57 -07:00
Michael Kerrisk
3dd2331ce7
clone.2: Reword discussion of CLONE_NEWNS, removing text also in namespaces(7)
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:57 -07:00
Michael Kerrisk
73680728d1
clone.2, namespaces.7: Move some CLONE_NEWNET text from clone.2 to namespaces.7
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:57 -07:00
Michael Kerrisk
9343f8e7c3
clone.2, namespaces.7: Move some CLONE_NEWIPC text from clone.2 to namespaces.7
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:57 -07:00
Michael Kerrisk
b81acb1504
proc.5, namespaces.7: Move /proc/[pid]/{gid_map,uid_map} text from proc.5 to namespaces.7
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:57 -07:00
Michael Kerrisk
cf8bfe6d2a
proc.5, namespaces.7: Move /proc/[pid]/mountstat text from proc.5 to namespaces.7
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:57 -07:00
Michael Kerrisk
4716a1dd65
proc.5, namespaces.7: Move /proc/[pid]/mountstats from proc.5 to namespaces.7
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:57 -07:00
Michael Kerrisk
357002ecdf
proc.5, namespaces.7: Move /proc/[pid]/mounts from proc.5 to namespaces.7
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:57 -07:00
Michael Kerrisk
020357e8e4
namespaces.7: New page providing overview of Linux namespaces
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:57 -07:00
Michael Kerrisk
a7d96776a1
capabilities.7: wfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:57 -07:00
Michael Kerrisk
5bea231de3
capabilities.7: Document CAP_SETUID and CAP_SETGID for user namespace mappings
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:57 -07:00
Michael Kerrisk
c67d3814e7
capabilities.7: Since Linux 3.8, user namespaces no longer require CAP_SYS_ADMIN
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:57 -07:00
Michael Kerrisk
76f8f97395
unshare.2: wfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:57 -07:00
Michael Kerrisk
36ec1f75e4
unshare.2: Clarify that unshare(CLONE_NEWUSER) does confer capabilities on the caller
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:57 -07:00
Michael Kerrisk
c79b7a8184
unshare.2: ffix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:56 -07:00
Michael Kerrisk
3d02560dbb
unshare.2: SEE ALSO: add proc(5)
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:56 -07:00
Michael Kerrisk
f919b6e410
unshare.2: Add an example program
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:56 -07:00
Michael Kerrisk
e939d607ea
unshare.2: SEE ALSO: add unshare(1)
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:56 -07:00
Michael Kerrisk
2193656a7c
unshare.2: Add some details to CLONE_NEWPID description
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:56 -07:00
Eric W. Biederman
37ee2d61e5
unshare.2: Add details to CLONE_NEWPID and CLONE_NEWUSER documentation
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:56 -07:00
Michael Kerrisk
8f141c5e3c
unshare.2: Document CLONE_NEWPID
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:56 -07:00
Michael Kerrisk
c2cd5a7fd9
unshare.2: Document CLONE_NEWUSER
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:56 -07:00
Michael Kerrisk
eb359a0988
unshare.2: srcfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:56 -07:00
Michael Kerrisk
667f4c7891
unshare.2: tfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:56 -07:00
Michael Kerrisk
040eaa70ed
clone.2: SEE ALSO: add proc(5)
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:56 -07:00
Michael Kerrisk
730e9c01cf
clone.2: Document behavior of clone(CLONE_NEWUSER | CLONE_NEWXXX)
...
Based on email exchanges with Eric Biederman
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:56 -07:00
Michael Kerrisk
a0efdddb73
clone.2: wfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:56 -07:00
Michael Kerrisk
fefbcba85c
clone.2: Note capability requirements for using CLONE_NEWUSER before Linux 3.8
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:56 -07:00
Michael Kerrisk
4d2b3ed7c1
clone.2: Correct kernel version where CLONE_NEWUSER first appeared
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:56 -07:00
Michael Kerrisk
642ce311ba
clone.2: Note that CLONE_NEWUSER needs CONFIG_USER_NS
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:56 -07:00
Michael Kerrisk
06b3045839
clone.2: Rework Eric's CLONE_NEWUSER patch
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:56 -07:00
Michael Kerrisk
57ef8c39e7
clone.2: grfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:56 -07:00
Eric W. Biederman
70d21f174e
clone.2: Describe the user namespace (CLONE_NEWUSER)
...
Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:56 -07:00
Michael Kerrisk
7612b8a7e1
setns.2: setns() into a user namespace grants all capabilities in that namespace
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:56 -07:00
Michael Kerrisk
3c98ab169f
setns.2: ffix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:56 -07:00
Michael Kerrisk
268a93cb30
setns.2: Specify kernel version on each CLONE_NEW* flag
...
And remove text on flags from VERSIONS.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:56 -07:00
Michael Kerrisk
773f59eb02
setns.2: wfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:56 -07:00
Michael Kerrisk
81714b4f86
setns.2: Rework discussion of restrictions on changing user namespace
...
After comments from Eric Biederman
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:56 -07:00
Michael Kerrisk
21bfe3e933
setns.2: Clarify capabilities required for reassociating with a mount namespace
...
Based on comments from Eric Biederman.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:56 -07:00
Michael Kerrisk
2a9f74a936
setns.2: SEE ALSO: Add unshare(2)
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:56 -07:00