Michael Kerrisk
a3435e5c09
Start of man-pages-3.74: renaming .Announce and .lsm files
2014-09-21 12:37:03 +02:00
Michael Kerrisk
1020a99d8d
Ready for 3.73
2014-09-21 11:24:31 +02:00
Michael Kerrisk
f5d401ddda
Removed trailing white space at end of lines
2014-09-21 11:24:24 +02:00
Michael Kerrisk
daf084cc33
clone.2, flock.2, getpid.2, getunwind.2, mount.2, reboot.2, semop.2, seteuid.2, setgid.2, setns.2, setresuid.2, setreuid.2, setuid.2, uname.2, unshare.2, clock.3, drand48.3, proc.5, capabilities.7, credentials.7, mq_overview.7, namespaces.7, pid_namespaces.7, svipc.7, user_namespaces.7: tstamp
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-21 11:23:07 +02:00
Michael Kerrisk
b61ada124a
Changes: Ready for 3.73
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-21 11:19:51 +02:00
Michael Kerrisk
9219d20802
clone.2: srcfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-16 10:05:11 +02:00
Michael Kerrisk
c228b4b4d1
namespaces.7, pid_namespaces.7, user_namespaces.7: srcfix: Add LICENSE_START tag
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-16 09:05:40 +02:00
David Prévot
b7a3dc84e7
fcntl.2: tfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-15 11:10:26 +02:00
Michael Kerrisk
53d084e81a
setns.2: Add pointer to user_namespaces(7)
...
Add pointer to user_namespaces(7) for details on interactions
of user and mount namespaces
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-15 10:59:30 +02:00
Michael Kerrisk
d0c5d17b30
setns.2: ffix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-15 10:56:31 +02:00
Michael Kerrisk
9f4bb2a6c2
setns.2: tfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-15 10:53:18 +02:00
Michael Kerrisk
6edfe90905
setns.2: tfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-15 10:52:17 +02:00
Michael Kerrisk
fd0a5c693d
namespaces.7: tfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-15 10:39:50 +02:00
Michael Kerrisk
1a1d8762eb
pid_namespaces.7: ffix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-15 10:36:50 +02:00
Michael Kerrisk
09fcbb82f1
user_namespaces.7: spfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-14 21:29:47 -07:00
Michael Kerrisk
130fbed6c8
unshare.2: Note flags implied by CLONE_THREAD and CLONE_VM
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-14 21:29:47 -07:00
Michael Kerrisk
672e7505d6
user_namespaces.7: wfix
...
Reported-by: Eric W. Biederman <ebiederm@xmission.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-14 21:29:47 -07:00
Eric W. Biederman
890a86d330
user_namespaces.7: Clarify the meaning of "Mounts that come as a single unit"
...
Quoting Eric Biederman:
The importance of [mounts coming across as a dingle unit] is [to]
allow the global root to mount over things and not have to worry
that someone from a user namespace root can peek underneath.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-14 21:29:47 -07:00
Eric W. Biederman
69b6b231d7
mount.2: Clarify use of 'mountflags' and 'data' for MS_REMOUNT
...
Quoting Eric Biederman:
One thing that has come up recently (in 3 separate
implementations) is that mount(MS_REMOUNT|...,...) must include
all of the mount flags that need to be preserved. People
creating read-only bind mounts tend to miss that and the locked
flags in mount namespaces. That issue was flushed out now that
the kernel is now not allowing most mount flags to be cleared in
mount namespaces. The interface is non-intuitive and we should
at least document the weirdness.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-14 21:29:47 -07:00
Michael Kerrisk
576233f00e
user_namespaces.7: Additions from Andy Lutomirski
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-14 21:29:47 -07:00
Michael Kerrisk
6cfec3d80a
user_namespaces.7: Improvements from Andy Lutomirski
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-14 21:29:42 -07:00
Eric W. Biederman
b10c74ff25
user_namespaces.7: Add "Restrictions on mount namespaces" section
...
Light edits by mtk
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:03 -07:00
Michael Kerrisk
7aba437aa1
user_namespaces.7: Only single-threaded processes can join another user namespace
...
Reported-by: Eric W. Biederman <ebiederm@xmission.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:03 -07:00
Michael Kerrisk
258e6b6c7a
namespaces.7: wfix
...
Reported-by: Vitaly Rybnikov <frodox@zoho.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:03 -07:00
Serge E. Hallyn
1191a90d12
user_namespaces.7: Improve discussion of handling of capabilities during execve(2)
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:03 -07:00
Michael Kerrisk
11d8ef176b
user_namespaces.7: srcfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:03 -07:00
Michael Kerrisk
0b497138b9
namespaces.7: Add table of namespaces to top of page
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:03 -07:00
Michael Kerrisk
309abda4a0
namespaces.7: tfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:03 -07:00
Michael Kerrisk
c6d54e1fd6
namespaces.7: tfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:03 -07:00
Michael Kerrisk
beb9df9ed3
namespaces.7: tfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:03 -07:00
Michael Kerrisk
6c21c0f947
user_namespaces.7: Say a little less about execve(2) and user ID mappings
...
The existing discussion under user and group ID mappings
probably suffices.
Reported-by: Eric W. Biederman <ebiederm@xmission.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:03 -07:00
Michael Kerrisk
0ea90cb46d
user_namespaces.7: srcfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:03 -07:00
Michael Kerrisk
99f04bb1e9
user_namespaces.7: Note that user namespaces isolate the root directory
...
Reported-by: Eric W. Biederman <ebiederm@xmission.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:03 -07:00
Michael Kerrisk
c0d02ab07a
user_namespaces.7: XFS support for user namespaces was added in Linux 3.11
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:03 -07:00
Michael Kerrisk
ed8bd8452c
user_namespaces.7: Rework text on filesystem support for user namespaces
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:03 -07:00
Michael Kerrisk
bc92175773
user_namespaces.7: srcfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:03 -07:00
Michael Kerrisk
1005b0062e
user_namespaces.7: Remove a confused sentence
...
Reported-by: Eric W. Biederman <ebiederm@xmission.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:03 -07:00
Michael Kerrisk
e63259f20e
setns.2: ERRORS: Add EINVAL for two cases of joining a new user namespace
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:03 -07:00
Michael Kerrisk
6bab36f87c
unshare.2: Add kernel version number for text on CLONE_NEWUSER implying CLONE_FS
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:03 -07:00
Michael Kerrisk
ac0079383d
clone.2: Document EPERM error when using CLONE_NEWUSER from chrooted caller
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:03 -07:00
Michael Kerrisk
40a47a161b
unshare.2: Document EPERM error when using CLONE_NEWUSER from chrooted caller
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:03 -07:00
Michael Kerrisk
cdd25f2e76
unshare.2: Document EUSERS error
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:03 -07:00
Michael Kerrisk
6fd119e727
clone.2: Document EUSERS error
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:03 -07:00
Michael Kerrisk
e56b6c42d1
user_namespaces.7: Document maximum nesting depth for user namespaces
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:03 -07:00
Michael Kerrisk
8f99aa89d9
user_namespaces.7: Minor tweaks to example program
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:03 -07:00
Michael Kerrisk
8db3776096
setns.2: tfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:03 -07:00
Michael Kerrisk
ff8531686a
pid_namespaces.7: ffix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:03 -07:00
Michael Kerrisk
ab3311aa06
clone.2, namespaces.7, pid_namespaces.7, user_namespaces.7: wfix "file system" ==> "filesystem"
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:02 -07:00
Michael Kerrisk
85e34225be
setns.2: A process can't join a new userns if it shares CLONE_FS attributes
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:02 -07:00
Michael Kerrisk
08e54e516c
unshare.2: tfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:02 -07:00