LDP
/
man-pages
mirror of https://github.com/mkerrisk/man-pages
0
1
Fork 0
Code Releases Activity
22,943 Commits 1 Branch 197 Tags 93 MiB
Commit Graph

170 Commits

Author SHA1 Message Date
Michael Kerrisk 5046cb7268 namespaces.7: Document the /proc/sys/user/* files added in Linux 4.9 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2017-04-19 15:52:04 +02:00
Michael Kerrisk de340b15cf namespaces.7: SEE ALSO: add ip-netns(8) 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2017-03-02 14:40:30 +01:00
Michael Kerrisk e0ab72cb98 namespaces.7: Remove content split out into ioctl_ns(2) 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2017-01-09 15:48:57 +13:00
Michael Kerrisk d510e7de7e namespaces.7: EXAMPLE: rename the example program 
Use a more generic name, since this program may be expanded
in various ways in the future.

Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2016-12-23 09:28:54 +01:00
Michael Kerrisk e79c9e5825 namespaces.7: wfix 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2016-12-23 09:26:09 +01:00
Michael Kerrisk 0fbabfc2d5 namespaces.7: Minor clarification in EXAMPLE 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2016-12-23 09:22:27 +01:00
Michael Kerrisk c6ff0d07a0 namespaces.7: EXAMPLE: fix an error in shell session 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2016-12-23 09:18:46 +01:00
Michael Kerrisk 794652c5f0 namespaces.7: Minor wording fix 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2016-12-23 09:18:34 +01:00
Michael Kerrisk d3fca275d2 namespaces.7: wfix 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2016-12-23 09:05:41 +01:00
Michael Kerrisk fa72c2244f namespaces.7: tfix 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2016-12-14 11:52:55 +01:00
Michael Kerrisk 35deeb8703 bind.2, chmod.2, chown.2, chroot.2, clock_getres.2, clone.2, connect.2, dup.2, fallocate.2, get_mempolicy.2, getpeername.2, getpriority.2, getsockname.2, getsockopt.2, gettimeofday.2, ioctl_ficlonerange.2, ioctl_fideduperange.2, kill.2, mbind.2, mmap.2, mount.2, mprotect.2, nfsservctl.2, nice.2, open.2, perf_event_open.2, pipe.2, pkey_alloc.2, prctl.2, ptrace.2, quotactl.2, remap_file_pages.2, sched_setscheduler.2, set_mempolicy.2, signal.2, signalfd.2, swapon.2, sync_file_range.2, syscalls.2, timer_create.2, timerfd_create.2, utime.2, utimensat.2, wait.2, atof.3, ctime.3, errno.3, fclose.3, fflush.3, insque.3, malloc_get_state.3, mallopt.3, mbsnrtowcs.3, mq_close.3, mq_open.3, mq_receive.3, mq_send.3, printf.3, pthread_attr_init.3, pthread_create.3, pthread_setaffinity_np.3, ptsname.3, remainder.3, strtod.3, tgamma.3, timegm.3, tmpnam.3, ttyname.3, console_ioctl.4, elf.5, filesystems.5, proc.5, utmp.5, capabilities.7, cgroups.7, credentials.7, ddp.7, feature_test_macros.7, fifo.7, inotify.7, libc.7, mount_namespaces.7, namespaces.7, netlink.7, pid_namespaces.7, pkeys.7, shm_overview.7, standards.7, uri.7, user_namespaces.7: tstamp 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2016-12-12 10:45:24 +01:00
Michael Kerrisk e6f1b08f55 namespaces.7: Adjust example program to show device major and minor numbers 
Reported-by: Eric W. Biederman <ebiederm@xmission.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2016-12-12 07:30:16 +01:00
Michael Kerrisk e0ff749f64 namespaces.7: Comparisons between fstat()ed files should be on st_dev+st_ino 
The FDs returned by NS_GET_USERNS and NS_GET_PAREENT must be
tested by comparing to both the 'st_dev' and 'st_ino' fields
returned by fstat(2).

Reported-by: Eric W. Biederman <ebiederm@xmission.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2016-12-12 07:30:16 +01:00
Michael Kerrisk 58615b43fb namespaces.7: Add ENOTTY error() for ioctl namespace operations 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2016-12-12 07:30:16 +01:00
Michael Kerrisk 519949ecad namespaces.7: ffix 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2016-12-12 07:30:16 +01:00
Michael Kerrisk 57422589cf namespaces.7: Tweaks to text on ioctl() operations 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2016-12-12 07:30:16 +01:00
Michael Kerrisk 6143dbbffd namespaces.7: Document the NS_GET_USERNS and NS_GET_PARENT ioctl() operations 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2016-12-12 07:27:23 +01:00
Michael Kerrisk ced6277a7b namespaces.7: ffix 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2016-12-11 11:06:24 +01:00
Michael Kerrisk 1dc3d91d7b namespaces.7: srcfix 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2016-11-29 17:55:08 +01:00
Michael Kerrisk b237b37c70 namespaces.7: srcfix: FIXME tidy-up 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2016-10-29 13:43:30 +02:00
Michael Kerrisk 8512495a12 namespaces.7: tfix 
Reported-by: Nikola Forró <nforro@redhat.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2016-09-23 13:56:31 +02:00
Michael Kerrisk 3df541c0e6 ldd.1, localedef.1, add_key.2, chroot.2, clone.2, fork.2, futex.2, get_mempolicy.2, get_robust_list.2, getitimer.2, getpriority.2, ioctl.2, ioctl_ficlonerange.2, ioctl_fideduperange.2, kcmp.2, kill.2, lookup_dcookie.2, mmap.2, mount.2, open.2, pciconfig_read.2, perf_event_open.2, prctl.2, process_vm_readv.2, ptrace.2, quotactl.2, recv.2, setfsgid.2, setfsuid.2, sysinfo.2, umask.2, umount.2, unshare.2, utimensat.2, wait.2, assert.3, fmax.3, fmin.3, getauxval.3, inet_pton.3, malloc_hook.3, memmem.3, mkdtemp.3, mktemp.3, printf.3, strcasecmp.3, strcat.3, strtoul.3, strxfrm.3, console_codes.4, console_ioctl.4, lirc.4, tty.4, vcs.4, charmap.5, elf.5, locale.5, proc.5, repertoiremap.5, utmp.5, capabilities.7, cgroup_namespaces.7, cgroups.7, charsets.7, cp1251.7, cp1252.7, credentials.7, feature_test_macros.7, iso_8859-1.7, iso_8859-15.7, iso_8859-5.7, koi8-r.7, koi8-u.7, man-pages.7, mount_namespaces.7, namespaces.7, netlink.7, pid_namespaces.7, unix.7, user_namespaces.7, utf-8.7: tstamp 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2016-07-17 18:10:19 +02:00
Michael Kerrisk da031af127 namespaces.7: Refer to new mount_namespaces(7) for information on mount namespaces 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2016-06-30 06:08:31 +02:00
Michael Kerrisk 33a1ab5da1 namespaces.7: /proc/PID/ns/* are governed by PTRACE_MODE_READ_FSCREDS 
Permission to dereference/readlink /proc/PID/ns/* symlinks is
governed by a PTRACE_MODE_READ_FSCREDS ptrace access mode check.

Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2016-06-29 07:06:29 +02:00
Michael Kerrisk 7575dbc507 namespaces.7: wfix 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2016-06-11 11:32:47 +02:00
Michael Kerrisk 7eb8372d87 namespaces.7: srcfix 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2016-06-01 11:21:29 -05:00
Michael Kerrisk 226cb3a87a proc.5, namespaces.7: Move /proc/PID/mounts information to proc(5) 
There was partial duplication, and some extra information
in namespaces(7). Move everything to proc(5).

Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2016-05-18 22:08:44 +02:00
Michael Kerrisk ad5fa2c3a8 namespaces.7: Remove /proc/PID/mountstats description 
This is a duplicate of information in proc(5).

Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2016-05-18 22:03:31 +02:00
Michael Kerrisk 68886a1c7e namespaces.7: Nowadays, file changes in /proc/PID/mounts are notified differently 
Exceptional condition for select(), (E)POLLPRI for (e)poll

Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2016-05-18 22:02:04 +02:00
Michael Kerrisk a2ee61a38a namespaces.7: Remove cgroup namespaces content to a separate page 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2016-05-09 23:08:54 +02:00
Michael Kerrisk 434aadd5d3 namespaces.7: Add /proc/PID/mountinfo discussion under cgroup namespaces 
The discussion here is contingent on the acceptance of
Serge Hallyn's patch, "mountinfo: implement show_path
for kernfs and cgroup".

Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2016-05-09 23:08:54 +02:00
Michael Kerrisk 8079aefa6f namespaces.7: Rework discussion of cgroup namespaces 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2016-05-09 23:08:54 +02:00
Serge E. Hallyn 99ef85aba8 namespaces.7: Explain the more important benefit for cgroup namespaces 
mtk: edited text supplied by Serge.

Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2016-05-09 23:08:54 +02:00
Michael Kerrisk fc5a79d886 namespaces.7: wfix 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2016-05-09 23:08:54 +02:00
Michael Kerrisk d4d37f0a53 namespaces.7: Document cgroup namespaces (CLONE_NEWCGROUP) 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2016-05-09 23:08:54 +02:00
Michael Kerrisk 35fae0aaa0 namespaces.7: SEE ALSO: add cgroups(7) 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2016-05-09 23:08:52 +02:00
Michael Kerrisk 10f8f8cb75 namespaces.7: tfix 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2016-05-09 23:08:52 +02:00
Michael Kerrisk 979867082b locale.1, localedef.1, _exit.2, accept.2, access.2, acct.2, adjtimex.2, bdflush.2, bind.2, bpf.2, brk.2, chdir.2, chmod.2, chown.2, chroot.2, clock_nanosleep.2, clone.2, close.2, connect.2, copy_file_range.2, create_module.2, delete_module.2, dup.2, epoll_ctl.2, eventfd.2, execve.2, fallocate.2, fanotify_init.2, fcntl.2, flock.2, fork.2, fsync.2, futex.2, get_kernel_syms.2, getdomainname.2, getgroups.2, gethostname.2, getpagesize.2, getpeername.2, getsid.2, getsockname.2, getsockopt.2, gettimeofday.2, init_module.2, ioctl.2, ioctl_list.2, ioperm.2, iopl.2, kexec_load.2, kill.2, killpg.2, link.2, listen.2, llseek.2, lseek.2, madvise.2, memfd_create.2, mincore.2, mkdir.2, mknod.2, mmap.2, mount.2, nanosleep.2, nice.2, open.2, personality.2, pipe.2, poll.2, posix_fadvise.2, read.2, readahead.2, readlink.2, readv.2, recv.2, recvmmsg.2, rename.2, request_key.2, sched_setaffinity.2, sched_setattr.2, select.2, select_tut.2, semctl.2, semop.2, send.2, sendfile.2, sendmmsg.2, seteuid.2, setns.2, setpgid.2, setreuid.2, shutdown.2, sigaction.2, sigaltstack.2, signal.2, signalfd.2, sigpending.2, sigprocmask.2, sigsuspend.2, socketpair.2, splice.2, stat.2, statfs.2, stime.2, symlink.2, sync.2, syscall.2, syscalls.2, times.2, truncate.2, unlink.2, unshare.2, uselib.2, utimensat.2, vfork.2, vhangup.2, wait.2, wait4.2, write.2, a64l.3, abs.3, acos.3, acosh.3, addseverity.3, adjtime.3, aio_read.3, aio_write.3, asin.3, asinh.3, atan.3, atan2.3, atanh.3, atoi.3, backtrace.3, cbrt.3, ceil.3, cfree.3, clearenv.3, clock_getcpuclockid.3, clog10.3, cmsg.3, copysign.3, cos.3, cosh.3, ctermid.3, ctime.3, daemon.3, dirfd.3, div.3, dl_iterate_phdr.3, drand48.3, drand48_r.3, dysize.3, ecvt.3, ecvt_r.3, endian.3, erf.3, erfc.3, errno.3, exec.3, exp.3, exp2.3, expm1.3, fabs.3, fdim.3, ferror.3, fexecve.3, ffs.3, fgetgrent.3, fgetpwent.3, finite.3, flockfile.3, floor.3, fma.3, fmax.3, fmin.3, fmod.3, fopen.3, fpclassify.3, frexp.3, fseeko.3, fts.3, futimes.3, fwide.3, gamma.3, gcvt.3, getaddrinfo.3, getcwd.3, getdate.3, getdirentries.3, getdtablesize.3, getgrent.3, getgrent_r.3, getgrnam.3, getgrouplist.3, gethostbyname.3, gethostid.3, getline.3, getloadavg.3, getmntent.3, getnameinfo.3, getnetent_r.3, getpass.3, getprotoent_r.3, getpwent.3, getpwent_r.3, getpwnam.3, getrpcent_r.3, getservent_r.3, getspnam.3, getsubopt.3, getusershell.3, getutent.3, getw.3, gsignal.3, hypot.3, ilogb.3, inet.3, initgroups.3, insque.3, isalpha.3, isgreater.3, iswblank.3, j0.3, ldexp.3, lgamma.3, lio_listio.3, lockf.3, log.3, log10.3, log1p.3, log2.3, logb.3, lrint.3, lround.3, makedev.3, matherr.3, mbsnrtowcs.3, mkdtemp.3, mkfifo.3, mkstemp.3, mktemp.3, modf.3, mq_close.3, mq_getattr.3, mq_notify.3, mq_receive.3, mq_send.3, nan.3, nextafter.3, on_exit.3, open_memstream.3, opendir.3, perror.3, popen.3, posix_fallocate.3, posix_madvise.3, posix_memalign.3, posix_openpt.3, posix_spawn.3, pow.3, printf.3, profil.3, psignal.3, pthread_attr_setstack.3, pthread_setaffinity_np.3, putenv.3, putpwent.3, qecvt.3, rand.3, random.3, random_r.3, rcmd.3, readdir.3, realpath.3, remainder.3, remquo.3, rexec.3, rint.3, round.3, rpc.3, rpmatch.3, scalb.3, scalbln.3, scandir.3, scanf.3, seekdir.3, sem_wait.3, setbuf.3, setenv.3, setjmp.3, setnetgrent.3, siginterrupt.3, signbit.3, significand.3, sigset.3, sigsetops.3, sigvec.3, sigwait.3, sin.3, sinh.3, sleep.3, sockatmark.3, sqrt.3, statvfs.3, stpcpy.3, stpncpy.3, strdup.3, strerror.3, strftime.3, strlen.3, strnlen.3, strsep.3, strsignal.3, strtod.3, strtok.3, strtol.3, strtoul.3, syslog.3, system.3, tan.3, tanh.3, telldir.3, tempnam.3, termios.3, tgamma.3, timegm.3, timeradd.3, tmpfile.3, tmpnam.3, toascii.3, trunc.3, ttyslot.3, tzset.3, ualarm.3, unlocked_stdio.3, usleep.3, wcpcpy.3, wcpncpy.3, wcscasecmp.3, wcsdup.3, wcsncasecmp.3, wcsnlen.3, wcsnrtombs.3, wprintf.3, y0.3, pts.4, st.4, tty_ioctl.4, elf.5, gai.conf.5, group.5, locale.5, nsswitch.conf.5, proc.5, utmp.5, aio.7, capabilities.7, credentials.7, environ.7, epoll.7, fanotify.7, feature_test_macros.7, inotify.7, ip.7, mq_overview.7, namespaces.7, pipe.7, signal.7, socket.7, standards.7, svipc.7, symlink.7, time.7, unicode.7, unix.7: tstamp 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2016-03-15 17:30:43 +13:00
Michael Kerrisk 63f775e8f5 namespaces.7: SEE ALSO: add lsns(1) 
lsns(1) was recently added in util-linux, probably to appear
in next release (2.28?).

Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2016-02-15 15:31:59 +01:00
Michael Kerrisk aea4d7b4f5 namespaces.7: wfix 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2015-01-28 10:39:58 +01:00
Mike Frysinger f7611a00f6 namespaces(7): minor tweaks 
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2014-11-08 14:27:47 +01:00
Wieland Hoffmann b23c9a79d9 namespaces.7: tfix: CLONE_IPC -> CLONE_NEWIPC 
CLONE_NEWIPC is the correct constant, as can be seen in the detailed
list of namespaces & their corresponding constants, as well as the
clone(2) man page and include/uapi/linux/sched.h in the Linux source tree.

Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2014-09-23 04:23:11 +02:00
Michael Kerrisk f5d401ddda Removed trailing white space at end of lines 2014-09-21 11:24:24 +02:00
Michael Kerrisk daf084cc33 clone.2, flock.2, getpid.2, getunwind.2, mount.2, reboot.2, semop.2, seteuid.2, setgid.2, setns.2, setresuid.2, setreuid.2, setuid.2, uname.2, unshare.2, clock.3, drand48.3, proc.5, capabilities.7, credentials.7, mq_overview.7, namespaces.7, pid_namespaces.7, svipc.7, user_namespaces.7: tstamp 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2014-09-21 11:23:07 +02:00
Michael Kerrisk c228b4b4d1 namespaces.7, pid_namespaces.7, user_namespaces.7: srcfix: Add LICENSE_START tag 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2014-09-16 09:05:40 +02:00
Michael Kerrisk fd0a5c693d namespaces.7: tfix 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2014-09-15 10:39:50 +02:00
Michael Kerrisk 258e6b6c7a namespaces.7: wfix 
Reported-by: Vitaly Rybnikov <frodox@zoho.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2014-09-13 20:16:03 -07:00
Michael Kerrisk 0b497138b9 namespaces.7: Add table of namespaces to top of page 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2014-09-13 20:16:03 -07:00
Michael Kerrisk 309abda4a0 namespaces.7: tfix 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2014-09-13 20:16:03 -07:00
Michael Kerrisk c6d54e1fd6 namespaces.7: tfix 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2014-09-13 20:16:03 -07:00
Michael Kerrisk beb9df9ed3 namespaces.7: tfix 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2014-09-13 20:16:03 -07:00
Michael Kerrisk ab3311aa06 clone.2, namespaces.7, pid_namespaces.7, user_namespaces.7: wfix "file system" ==> "filesystem" 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2014-09-13 20:16:02 -07:00
Michael Kerrisk f344e055a6 namespaces.7: Document /proc interfaces that are distinct in each IPC namespace 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2014-09-13 20:16:02 -07:00
Michael Kerrisk 7d8d64eb14 namespaces.7: Remove repetitious text under network namespaces 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2014-09-13 20:16:02 -07:00
Michael Kerrisk fa88d1a483 namespaces.7, pid_namespaces.7: Add pointer to example program in user_namespaces(7) 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2014-09-13 20:16:00 -07:00
Michael Kerrisk 024d6a8449 namespaces.7: Remove PID namespaces material shifted to pid_namespaces(7) 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2014-09-13 20:15:59 -07:00
Michael Kerrisk 67d1131fd9 namespaces.7: Remove userns material shifted to user_namespaces(7) 
The user namespaces section was getting long and unwieldy.
Split it into its own page, so that it can be better
structured with subtitles, etc.

Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2014-09-13 20:15:59 -07:00
Michael Kerrisk 9552196ecb namespaces.7: ffix 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2014-09-13 20:15:59 -07:00
Michael Kerrisk e67b117c39 namespaces.7: Document association between userns and other namespace types 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2014-09-13 20:15:59 -07:00
Michael Kerrisk 365d292a3c clone.2, unshare.2, namespaces.7: clone() and unshare() fail (EPERM) if caller's UID/GID are not mapped 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2014-09-13 20:15:59 -07:00
Michael Kerrisk 1d5adb6f9e namespaces.7: Userns creation associates eff. GID of creator with the userns 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2014-09-13 20:15:59 -07:00
Michael Kerrisk 5eb7f09d7c namespaces.7: Move text on capabilities in user namespaces 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2014-09-13 20:15:59 -07:00
Michael Kerrisk 7f76dc3079 namespaces.7: tfix 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2014-09-13 20:15:59 -07:00
Michael Kerrisk cda377d2bc namespaces.7: Clarify use of 'single line' case when writing userns map files 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2014-09-13 20:15:59 -07:00
Michael Kerrisk e2eb61370e namespaces.7: Note rules regarding capabilities and nested namespaces 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2014-09-13 20:15:59 -07:00
Michael Kerrisk 9a80f81d04 namespaces.7: Clarify explanation of nested user namespaces 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2014-09-13 20:15:59 -07:00
Michael Kerrisk 6be09bd882 namespaces.7: srcfix 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2014-09-13 20:15:59 -07:00
Michael Kerrisk fd4eb520d6 namespaces.7: srcfix: Added FIXME 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2014-09-13 20:15:59 -07:00
Michael Kerrisk aa49742066 namespaces.7: Mapping files are empty when a user namespace is first created 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2014-09-13 20:15:59 -07:00
Michael Kerrisk b87dd2afb0 namespaces.7: User namespace ID mappings can be defined via any member process's map 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2014-09-13 20:15:59 -07:00
Michael Kerrisk b2e73e0ce8 namespaces.7: Clarify max # of bytes that can be written to a user namespace map 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2014-09-13 20:15:59 -07:00
Michael Kerrisk 3fe8d14797 namespaces.7: Describe semantics of set-user/group-ID programs in a user namespace 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2014-09-13 20:15:59 -07:00
Michael Kerrisk e420879421 namespaces.7: Rewrite EPERM rules for writing to user namespace map file 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2014-09-13 20:15:58 -07:00
Michael Kerrisk 1879c18c63 namespaces.7: spfix 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2014-09-13 20:15:58 -07:00
Michael Kerrisk d70ee6ff45 namespaces.7: wfix 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2014-09-13 20:15:58 -07:00
Michael Kerrisk 6155c4554f namespaces.7: wfix 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2014-09-13 20:15:58 -07:00
Michael Kerrisk 4d2d9a106f namespaces.7: Add further EINVAL cases for writes to userspace map files 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2014-09-13 20:15:58 -07:00
Michael Kerrisk 8e5924c0a9 namespaces.7: Clarify a detail in permissions for writing to user namespace map files 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2014-09-13 20:15:58 -07:00
Michael Kerrisk cfc50babe7 namespaces.7: Violating rules for writing to user namespace map file yields EPERM 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2014-09-13 20:15:58 -07:00
Michael Kerrisk ed0ce71a31 namespaces.7: ffix 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2014-09-13 20:15:58 -07:00
Michael Kerrisk 76f89cbea4 namespaces.7: ffix 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2014-09-13 20:15:58 -07:00
Michael Kerrisk d3c16a98d1 namespaces.7: tfix 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2014-09-13 20:15:58 -07:00
Michael Kerrisk 147a0c9098 namespaces.7: wfix 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2014-09-13 20:15:58 -07:00
Michael Kerrisk b680649a5c namespaces.7: wfix 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2014-09-13 20:15:58 -07:00
Michael Kerrisk 291e9237d7 namespaces.7: wfix 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2014-09-13 20:15:58 -07:00
Michael Kerrisk 029ae9e3f5 namespaces.7: SEE ALSO: add switch_root(8) 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2014-09-13 20:15:58 -07:00
Michael Kerrisk c0004fb480 namespaces.7: Clarify details of sending signals to init from ancestor PID namespaces 
After email from Eric Biederman

Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2014-09-13 20:15:58 -07:00
Michael Kerrisk b16d757dfd namespaces.7: When a PID namespace terminates, the other processes get SIGKILL 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2014-09-13 20:15:58 -07:00
Michael Kerrisk fc49d2ac6b namespaces.7: Repair discussion of signals that can be sent to pidns init process 
From outside a PID namespace, only the SIGKILL and SIGSTOP
signals can be sent to the init process.

Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2014-09-13 20:15:58 -07:00
Michael Kerrisk 3c96796395 namespaces.7: Fixes to text on forking a process into a PID namespace with no "init" 
Based on comments from Eric Biederman

Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2014-09-13 20:15:58 -07:00
Michael Kerrisk bcf8010e24 namespaces.7: Trying to add a new process to a PID namespace with no "init" fails 
If the PID namespace init process has terminated, then
setns() on a previously opened /proc/PID/ns/pid file
will succeed, but the subsequent fork() will fail with
ENOMEM.

Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2014-09-13 20:15:58 -07:00
Michael Kerrisk ed94b9b881 namespaces.7: wfix 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2014-09-13 20:15:58 -07:00
Michael Kerrisk 53d63b8925 namespaces.7: Document effect of PID namespaces when passing credentials over a socket 
PIDs passed via UNIX domain sockets are translated according to
the receiving process's namespace.

Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2014-09-13 20:15:58 -07:00
Michael Kerrisk 86499a6b26 namespaces.7: SEE ALSO: Add nsenter(1), unshare(1) 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2014-09-13 20:15:58 -07:00
Michael Kerrisk 3c7103af43 namespaces.7: Remove text on "equivalence" between clone() and fork()+unshare() 
The text probably doesn't help the readers understanding much,
and it's not quite accurate in the case of PID namespaces.

Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2014-09-13 20:15:58 -07:00
Michael Kerrisk 84c35715ba namespaces.7: tfix 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2014-09-13 20:15:58 -07:00
Michael Kerrisk ca29156707 namespaces.7: Explain why unshare() and setns() do not change caller's PID namespace 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2014-09-13 20:15:58 -07:00
Michael Kerrisk e13b53a611 namespaces.7: wfix 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2014-09-13 20:15:58 -07:00
Michael Kerrisk e17d07c17b namespaces.7: Note treatment of PID namespace "init" process with respect to signals 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2014-09-13 20:15:58 -07:00
Michael Kerrisk 33a3c1b8ec namespaces.7: Repair discussion of termination of "init" in PID namespace 
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
 2014-09-13 20:15:58 -07:00