Commit Graph

16345 Commits

Author SHA1 Message Date
Michael Kerrisk 4ab9f1db3d prctl.2: ERRORS: Add EACCES error for PR_SET_SECCOMP-SECCOMP_MODE_FILTER
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-09-16 12:35:45 +02:00
Michael Kerrisk d4748fad9f clone.2: EINVAL is generated by glibc wrapper for NULL 'fn' or 'child_stack'
Clarify that this error is produced by the wrapper function, not
the underlying system call. In particular, the point is that the
raw system call can accommodate a NULL pointer for 'child_stack'.

Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-09-15 18:39:57 +02:00
Michael Kerrisk 8e7a186ab8 ld.so.8: Clarify text describing whether secure-mode programs preload libraries
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-09-15 08:18:21 +02:00
Michael Kerrisk a5a3e91bf9 proc.5: tfix
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-09-12 20:41:08 +01:00
Michael Kerrisk 0989246ebd proc.5: Minor tweaks to Namhyung Kim's patch
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-09-12 20:40:39 +01:00
Namhyung Kim dfdf642ebb proc.5: Add description of CLEAR_REFS_MM_HIWATER_RSS
The Linux kernel commit 695f05593693 ("fs/proc/task_mmu.c: add
user-space support for resetting mm->hiwater_rss (peak RSS)") added a
way to reset peak RSS of a process but missed to update manpage.

Cc: Petr Cermak <petrcermak@chromium.org>
Acked-by: Petr Cermak <petrcermak@chromium.org>
Signed-off-by: Namhyung Kim <namhyung@gmail.com>
2016-09-12 20:38:44 +01:00
Michael Kerrisk af0cb4bd54 raw.7: Clarify user namespace requirements for CAP_NET_RAW
Also remove mention of UID 0 as a method of creating
a raw socket. As far as I can tell from reading the
kernel source (net/ipv4/af_inet.c), this is not true.

Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-09-12 20:34:22 +01:00
Michael Kerrisk f71d155750 packet.7: Clarify user namespace requirements for CAP_NET_RAW
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-09-12 20:34:22 +01:00
Michael Kerrisk 47c906e5c4 open.2: Clarify user namespace capability requirements for O_NOATIME
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-09-12 20:34:22 +01:00
Michael Kerrisk 58afe6afe1 proc.5: Clarify user namespace requirements for /proc/sys/fs/protected_hardlinks
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-09-12 20:34:22 +01:00
Michael Kerrisk ed1ba8a5eb bindresvport.3, rcmd.3, ip.7: Note user namespace requirements for CAP_NET_BIND_SERVICE
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-09-12 20:34:22 +01:00
Michael Kerrisk 70b723049c ip.7: wfix
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-09-12 20:34:22 +01:00
Michael Kerrisk 3294109d14 msgctl.2, msgget.2, msgop.2, semctl.2, semget.2, semop.2, shmctl.2, shmget.2, shmop.2: Note the user namespace requirements for CAP_IPC_OWNER
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-09-12 20:34:22 +01:00
Michael Kerrisk d4dabee19b chroot.2: Note user namespace requirements for CAP_SYS_CHROOT
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-09-12 20:34:21 +01:00
Michael Kerrisk c387fb9b2c setuid.2: Note user namespace requirements for CAP_SETUID
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-09-12 20:34:21 +01:00
Michael Kerrisk 36a62e0379 setreuid.2: Note user namespace requirements for CAP_SETUID and CAP_SETGID
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-09-12 16:54:36 +01:00
Michael Kerrisk fb03f4addc setresuid.2: Note user namespace requirements for CAP_SETUID
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-09-12 16:54:36 +01:00
Michael Kerrisk 6f22721ecb setgid.2: Note user namespace requirements for CAP_SETGID
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-09-12 16:54:36 +01:00
Michael Kerrisk 52f2c8fb7e setgid.2: ffix
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-09-12 16:54:36 +01:00
Michael Kerrisk 1a54ad1eae seteuid.2: wfix
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-09-12 16:54:36 +01:00
Michael Kerrisk cdbc9e153d seteuid.2: Note user namespace requirements for CAP_SETUID and CAP_SETGID
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-09-12 16:54:36 +01:00
Michael Kerrisk 7127bd53ee setuid.2: wfix
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-09-12 16:54:36 +01:00
Michael Kerrisk 0e332aef5f setresuid.2: wfix
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-09-12 16:54:36 +01:00
Michael Kerrisk 02a0d14238 setgid.2: wfix
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-09-12 16:54:36 +01:00
Michael Kerrisk 67453c5afe kill.2: Minor wording fix
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-09-12 16:54:36 +01:00
Michael Kerrisk 0a58b1ae5c kill.2: wfix
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-09-12 16:54:36 +01:00
Michael Kerrisk be8f12726e seccomp.2: CAP_SYS_ADMIN is required only in caller's user namespace
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-09-12 16:54:28 +01:00
Michael Kerrisk 32dbbd6416 getrlimit.2: Note user namespace semantics for CAP_SYS_RESOURCE
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-09-12 14:04:45 +01:00
Michael Kerrisk e31d1beb76 getgroups.2: Note user namespace requirements for CAP_SETGID
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-09-12 14:04:45 +01:00
Michael Kerrisk 2ff964df8f getdomainname.2: Note user namespace requirements for CAP_SYS_ADMIN
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-09-12 14:04:45 +01:00
Michael Kerrisk 6e87fb0b6e gethostname.2: Note user namespace requirements for CAP_SYS_ADMIN
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-09-12 14:04:45 +01:00
Michael Kerrisk af53fcb53e prctl.2: Note user namespace requirements for PR_CAPBSET_DROP CAP_SETPCAP
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-09-12 14:04:45 +01:00
Michael Kerrisk a0b4ac2c1c reboot.2: Note user namespace requirements around CAP_SYS_BOOT
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-09-12 14:04:45 +01:00
Michael Kerrisk 1090e3f079 sched_setaffinity.2: Note user namespace requirements for CAP_SYS_NICE
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-09-12 14:04:45 +01:00
Michael Kerrisk 097ccd1a89 kill.2: tfix
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-09-12 14:04:45 +01:00
Michael Kerrisk a354707257 kill.2: srcfix
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-09-12 14:04:45 +01:00
Michael Kerrisk 7de0791306 kill.2: tfix
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-09-12 14:04:45 +01:00
Michael Kerrisk 1b1ebece3c kill.2: Note the user namespace requirement for CAP_KILL
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-09-12 14:04:45 +01:00
Michael Kerrisk 6fee0ca3ba killpg.2: Refer reader to kill(2) for signal permission rules
Rather than repeating details here, refer the reader to kill(2)
(so that the rules are in a canonical location, and need only
be edited in one place for future changes--see next commit).

Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-09-12 14:04:45 +01:00
Michael Kerrisk 40ff9e27dc fcntl.2: Note an important detail of F_SETOWN permission rules for signals
F_SETOWN records the caller's credentials at the time of
the fcntl() call, and it is these saved credentials that
are used for subsequent permission checks.

Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-09-12 14:04:45 +01:00
Michael Kerrisk 0d86f49075 socket.7: SIOCSPGRP: refer to fcntl(2) F_SETOWN for correct permission rules
The permission rules described for SIOCSPGRP are wrong. Rather
than repeat the rules here, just refer the reader to fcntl(2),
where the rules are described for F_SETOWN.

Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-09-12 14:04:45 +01:00
Michael Kerrisk 81554da338 close.2: Add mention of the close-on-exec flag
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-09-12 13:54:38 +01:00
Michael Kerrisk cfa21a0b8f umask.2: tfix
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-09-12 07:39:40 +01:00
Michael Kerrisk ddf5e4ab24 open.2: Clarify the rules about how the group ID of a new file is determined
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-09-12 07:39:40 +01:00
Michael Kerrisk 40169a93c1 open.2: wfix
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-09-12 07:39:40 +01:00
Michael Kerrisk 7351ae87ea open.2: ffix
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-09-12 07:39:40 +01:00
Michael Kerrisk 3d8af60347 getsid.2: Rework description to be somewhat clearer
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-09-12 07:39:40 +01:00
Michael Kerrisk 1986f06518 setsid.2: Refer to credentials(7) for details on controlling terminal
Refer to credentials(7) for details of how a session obtains
a controlling terminal.

Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-09-12 07:39:40 +01:00
Michael Kerrisk a12db8121c getsid.2: wfix
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-09-12 07:39:39 +01:00
Michael Kerrisk ff437c946b getsid.2: Correct the definition of "session ID"
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-09-12 07:39:33 +01:00