75979920fe
socket.7: Document SO_REUSEPORT socket option
...
Signed-off-by: David Wilson <dw@botanicus.net>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-02-21 08:32:11 +01:00
170e5f0d95
unix.7: Mention SOCK_STREAM socket for ioctl_type of ioctl()
...
from https://bugzilla.redhat.com/show_bug.cgi?id=1110401 .
unix.7 is not clear about socket type of ioctl_type argument of
ioctl() function. The description of SIOCINQ is applicable only
for SOCK_STREAM socket. For SOCK_DGRAM, udp(7) man page gives
correct description of SIOCINQ
Signed-off-by: Jan Chaloupka <jchaloup@redhat.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-02-21 07:58:28 +01:00
4b139190f9
signal.7: srcfix: note commit hash for futex() restart behavior change
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-02-21 07:58:27 +01:00
9dc53e71c2
kexec_load.2, personality.2, prctl.2, reboot.2, socket.2, fflush.3, getopt.3, random.3, termios.3, random.4, passwd.5, capabilities.7, signal.7: tstamp
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-02-01 17:14:12 +01:00
1d2bf1840c
capabilities.7: SEE ALSO: add setpriv(1)
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-02-01 09:32:37 +01:00
3168ff2db7
signal.7: Add getrandom(2) to list of restartable system calls
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-29 09:03:32 +01:00
6f0dcebc96
signal.7: Add F_OFD_SETLKW to list of restartable operations
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-29 08:51:21 +01:00
aaf4c2a200
tcp.7: wfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-28 11:02:22 +01:00
fb4df4fe68
tcp.7: tfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-28 11:01:18 +01:00
2a479ee403
socket.7: wfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-28 10:59:44 +01:00
d1a2a5de7a
pthreads.7: wfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-28 10:58:20 +01:00
9783cf267f
pipe.7: wfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-28 10:41:42 +01:00
aea4d7b4f5
namespaces.7: wfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-28 10:39:58 +01:00
043649cd45
ipv6.7: wfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-28 10:38:37 +01:00
8e798ccee2
epoll.7: wfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-28 10:37:06 +01:00
e0a06014c4
bootparam.7: wfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-28 10:35:16 +01:00
c17d5bac2e
pthreads.7: tfix
...
Reported-by: Michael Hayes <mike@aiinc.ca>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-16 08:26:49 +01:00
f5ac5bbfd4
capabilities.7: Minor improvement of detail
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-16 08:15:05 +01:00
a2d5944156
capabilities.7: tfix
...
Reported-by: Christian Seiler <christian@iwakd.de>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-16 08:13:29 +01:00
1c3c805bcd
user_namespaces.7: tfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-16 07:54:02 +01:00
e4010a258a
pid_namespaces.7: wfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-16 07:54:02 +01:00
1ac80024c9
perf_event_open.2, seccomp.2, setns.2, shmget.2, memchr.3, pthread_tryjoin_np.3, strstr.3, random.4, epoll.7, netlink.7, pid_namespaces.7, tcp.7: tstamp
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-10 16:05:01 +01:00
15b236f3ac
tcp.7: Clarify tcp_tw_recycle on Internet-facing hosts
...
Clarify that tcp_tw_recycle will break communication with many
general-purpose remote Internet hosts (namely, remote NAT devices)
even when the Linux device itself is not behind NAT.
Sources:
- BCP to make NAT implementors aware of this problem (2013):
https://tools.ietf.org/html/draft-penno-behave-rfc4787-5382-5508-bis-04#section-3.1.2
- RFC 1323 (PAWS)
- RFC 6191: Reducing the TIME-WAIT State Using TCP Timestamps
- The many users who unknowingly enabled this option on devices
communicating with the general-purpose Internet:
https://www.google.com/search?q=tcp_tw_recycle%20ip%20nat%20timestamp
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-07 08:47:37 +01:00
bbb4532b69
netlink.7: Add kernel version for NETLINK_CRYPTO
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-07 08:41:08 +01:00
7b42933250
netlink.7: Add NETLINK_CRYPTO
...
Signed-off-by: Stephan Mueller <stephan.mueller@atsec.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-07 08:35:40 +01:00
7d26f7d449
epoll.7: Clarify a comment in example code
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-06 15:36:22 +01:00
a3e65c937b
epoll.7: Use epoll_create1() rather than epoll_create() in the code example
...
epoll_create1() is more or less the preferred API for new
applications, since it allows for some flags and avoids the
misdesigned epoll_create() argument, and so it seems sensible
to use that in the example, rather than epoll_create().
Reported-by: Ignat Loskutov <ignat.loskutov@gmail.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-06 15:36:10 +01:00
fe37675283
pid_namespaces.7: wfix + tfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-06 15:26:02 +01:00
ba7d7ed976
setns.2, pid_namespaces.7: Elaborate discussion of the PID namespace descendant limitation
...
The setns(2) man page already mentions that CLONE_NEWPID may only
be used with descendant namespaces, but this nuance could be
listed in a few more places so it is not missed.
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2015-01-06 15:25:56 +01:00
360d311681
Removed trailing white space at end of lines
2014-12-31 07:46:42 +01:00
0649afd45a
localedef.1, adjtimex.2, clock_nanosleep.2, epoll_ctl.2, ioctl.2, madvise.2, open.2, posix_fadvise.2, prctl.2, restart_syscall.2, sched_setaffinity.2, select.2, semop.2, setsid.2, sgetmask.2, sigaction.2, sigreturn.2, splice.2, syscall.2, syscalls.2, tee.2, tkill.2, abort.3, cmsg.3, exp10.3, ftw.3, getopt.3, ilogb.3, memcmp.3, mq_open.3, pow.3, pthread_setschedparam.3, sigvec.3, sysconf.3, termios.3, tgamma.3, wordexp.3, locale.5, proc.5, resolv.conf.5, cp1251.7, credentials.7, fanotify.7, inotify.7, locale.7, man-pages.7, signal.7, unix.7, ld.so.8: tstamp
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-12-31 07:01:38 +01:00
dba9ebf2b4
user_namespaces(7): tfix
...
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-12-30 22:15:28 +01:00
891ba05667
signal.7: Fix SO_RECVTIMEO/ SO_SENDTIMEO confusion in text
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-12-30 16:05:03 +01:00
d13bc9426e
signal.7: ffix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-12-30 16:05:03 +01:00
b69167e19e
signal.7: inotify(7) reads no longer show the odd EINTR error after SIGCONT
...
Since kernel 3.7, reads from inotify(7) file descriptors no longer
show the (Linux oddity) behavior of failing with EINTR when the
process resumes after a stop signal + SIGCONT.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-12-30 16:05:03 +01:00
b2d757fa4c
signal.7: Since Linux 3.8, reads on inotify(7) file descriptors are restartable
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-12-30 16:05:02 +01:00
53eea2dbae
signal.7: Mention other "slow devices"
...
Reads from eventfd(2), signalfd(2), timerfd(2), inotify(7),
and fanotify(7) file descriptors are also slow operations
that are restartable.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-12-30 16:05:02 +01:00
d45832f6ed
signal.7: SEE ALSO: add sigreturn(2)
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-12-30 16:05:02 +01:00
aeb666ce12
man-pages.7: Clarify that SEE ALSO entries may refer to pages from other projects
...
Reported-by: Laurent Georget <laurent.georget@supelec.fr>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-12-29 14:32:29 +01:00
d2d136f7e1
man-pages.7: wfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-12-29 12:06:13 +01:00
208c82ce19
pid_namespaces.7: tfix
...
s/PR_GET_CHILD_SUBREAPER/PR_SET_CHILD_SUBREAPER
Signed-off-by: Richard Weinberger <richard@nod.at>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-12-05 06:09:36 +01:00
4fe88cafea
ascii.7: tfix
...
The ' in the compact tables were not escaped correctly resulting in
UTF-8 in the ASCII table.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-12-05 06:09:36 +01:00
e7e006f279
getdents.2, capabilities.7, symlink.7: tfix: Change 'i-node' to 'inode'
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-11-12 22:32:40 +01:00
445d38c9b5
user_namespaces(7): tfix: drop spurious underline
...
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-11-11 06:39:06 +01:00
943c52b7bb
fanotify.7: Allow relative paths in example
...
The current example code requires passing an absolute
path to the mount to be watched.
By passing AT_FDCWD to fanotify_mark it can use both
absolute and relative paths.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-11-11 06:38:27 +01:00
8e38f6d391
fanotify.7: wfix
...
Removed duplicate "using".
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-11-11 06:36:36 +01:00
3e35b19b10
unix.7: Fix buglet in code snippet in BUGS section
...
Reported-by: Scott Harvey <scott.harvey@stonybrook.edu>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-11-09 21:15:56 +01:00
f7611a00f6
namespaces(7): minor tweaks
...
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-11-08 14:27:47 +01:00
464b254bb8
unix.7: grfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-11-08 06:13:13 +01:00
1bcb7fdbb0
standards.7: tfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-31 07:25:54 +01:00
fadd2e6538
credentials.7: Cross-reference getgroups(2)
...
Since credentials.7 discusses supplementary GIDs, it should reference
getgroups(2).
Signed-off-by: Josh Triplett <josh@joshtriplett.org>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-28 15:26:24 +01:00
476cab32c2
locale.7: Minor tweaks to Marko Myllynen's patch
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-28 15:11:44 +01:00
c5466970d7
locale.7: Improve LOCPATH description
...
LOCPATH is ignored by privileged programs.
Add locale archive references.
Add FILES section.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-28 15:06:42 +01:00
891121f60e
pid_namespaces(7): Minor grammar tweaks
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-28 14:15:27 +01:00
c5a000246c
fanotify.7: Tweaks to Heinrich Schuchard's patch on mount paths
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-28 12:59:24 +01:00
a4b394f246
fanotify.7: fanotify notifies only events generated on the same mount
...
Unfortunately, fanotify does not inform listeners for all paths
under which a touched filesystem object is visible, but only the
listener using the same path as the process touching the
filesystem object.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-28 12:59:24 +01:00
e75c6d07ff
inotify.7: fallocate(2) does not trigger inotify events
...
Calling fallocate(2) does not result in inotify events.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-28 12:59:24 +01:00
9ee7cc4faa
fanotify.7: fallocate(2) creates no events
...
fallocate(2) should create FAN_MODIFY events but does not.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-28 12:59:24 +01:00
d5b26a6978
fanotify.7: Update BUGS to note bugs still not fixed in 3.17
...
I bumped the Linux version number in the BUGS section to 3.17.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-28 12:59:24 +01:00
83033cd33c
cp1251.7, cp1252.7: Remove space from page name in .TH line
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-16 11:46:43 +02:00
ceffedf46c
cp1252.7: tstamp
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-16 11:37:24 +02:00
b8017cf527
Removed trailing white space at end of lines
2014-10-15 11:17:46 +02:00
ad624ff433
readlink.2, readv.2, pthread_rwlockattr_setkind_np.3, signal.7, unix.7: tstamp
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-15 11:13:45 +02:00
d02879f70a
unix.7: Various additions and rewordings
...
Notable changes:
* Clarify some details for pathname sockets.
* Add some advice on portably coding with pathname sockets.
* Note the "buggy" behavior for pathname sockets when
the supplied pathname is 108 bytes (after a report by
Tetsuo Handa).
Commented-by: Carlos O'Donell <carlos@systemhalted.org>
Commented-by: David Miller <davem@davemloft.net>
Reported-by: Tetsuo Handa <penguin-kernel@i-love.sakura.ne.jp>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-14 06:56:49 +02:00
1e24b9333e
socket.7: srcfix: Add FIXME
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-10 06:48:29 +02:00
d53ad479cc
signal.7: pthread_mutex_lock() and pthread_cond_wait() are restartable
...
pthread_mutex_lock(, pthread_cond_wait(), and related APIs are
automatically restarted if interrupted by a signal handler.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-08 11:52:45 +02:00
e890609356
capget.2, ptrace.2, vhangup.2, wait.2, ttyslot.3, console.4, proc.5, utmp.5, boot.7: tfix: page xrefs for init
2014-10-03 08:47:03 +02:00
6f9e0e572e
Removed trailing white space at end of lines
2014-10-03 00:01:00 +02:00
bc65e77236
ldd.1, execve.2, fanotify_init.2, fanotify_mark.2, getrlimit.2, open.2, readlink.2, sched_setattr.2, sched_setscheduler.2, shmget.2, syscalls.2, vmsplice.2, dlopen.3, fseeko.3, getgrent.3, mq_getattr.3, mq_open.3, realpath.3, armscii-8.7, ascii.7, iso_8859-1.7, iso_8859-10.7, iso_8859-11.7, iso_8859-13.7, iso_8859-14.7, iso_8859-15.7, iso_8859-16.7, iso_8859-2.7, iso_8859-3.7, iso_8859-4.7, iso_8859-5.7, iso_8859-6.7, iso_8859-7.7, iso_8859-8.7, iso_8859-9.7, koi8-r.7, koi8-u.7, sched.7, ld.so.8: tstamp
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-02 23:47:51 +02:00
fcd9822749
mq_overview.7: Various fixes after review from Davidlohr Bueso
...
Reviewed-by: Davidlohr Bueso <dave@stgolabs.net>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-02 23:10:40 +02:00
94d6f75f52
mq_overview.7: ffix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-02 22:18:10 +02:00
b130fda82b
mq_overview.7: ffix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-02 22:18:10 +02:00
1052e1fbcc
mq_overview.7: Update queues_max details for Linux 3.14
...
And in general rework the text a little.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-02 22:18:10 +02:00
82f92a9e7c
mq_overview.7: Rework discussion of HARD_MSGMAX
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-02 22:18:10 +02:00
3b3d3564aa
mq_overview.7: Minor wording fix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-02 22:18:10 +02:00
247d9cfdcf
mq_overview.7: Document /proc/sys/fs/mqueue/msgsize_default
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-02 22:18:10 +02:00
8ebedd6c29
mq_overview.7: Document /proc/sys/fs/mqueue/msg_default
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-02 22:18:10 +02:00
40502a2842
mq_overview.7: Update details for 'queues_max' limit
...
Things changed in Linux 3.5.
See https://bugs.launchpad.net/bugs/1155695
Reported-by: Arto Bendiken <arto@bendiken.net>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-02 22:18:09 +02:00
81020547cb
mq_overview.7: Update details on defaults and ceiling for 'msgsize_max' limit
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-02 22:18:09 +02:00
2d5cee6b4e
mq_overview.7: Update discussion of HARD_MSGMAX
...
The limit has changed in 2.6.33 and then again in 3.5.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-02 22:18:09 +02:00
8ef5d0c5ce
mq_overview.7: wfix: s/HARD_MAX/HARD_MSGMAX/
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-02 22:18:09 +02:00
5bd24c3688
mq_overview.7: wfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-02 22:18:09 +02:00
423cb2f914
iso_8859-1.7: Remove obsolete reference
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-01 13:38:32 +02:00
94b2c093a4
cp1252.7: Fix broken encodings
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-01 13:38:32 +02:00
ded04e5995
iso_8859-16.7: Charset pages unification, minor cleanups
...
- adjust references
- remove stray comments, streamline description
(charsets(7) and Wikipedia provide more detailed
and up-to-date description)
- cosmetics
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-01 12:04:20 +02:00
edc0328b14
iso_8859-15.7: Charset pages unification, minor cleanups
...
- adjust references
- remove stray comments, streamline description
(charsets(7) and Wikipedia provide more detailed
and up-to-date description)
- cosmetics
2014-10-01 12:04:20 +02:00
3e35f5885a
iso_8859-14.7: Charset pages unification, minor cleanups
...
- adjust references
- remove stray comments
- cosmetics
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-01 12:04:20 +02:00
62d13a89c1
iso_8859-13.7: Charset pages unification, minor cleanups
...
- adjust references
- remove stray comments
- cosmetics
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-01 12:04:20 +02:00
0ca0440214
iso_8859-11.7: Charset pages unification, minor cleanups
...
- adjust references
- remove stray comments
- cosmetics
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-01 12:04:20 +02:00
398449e4e1
iso_8859-10.7: Charset pages unification, minor cleanups
...
- adjust references
- remove stray comments
- cosmetics
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-01 12:04:20 +02:00
3f145ff8fc
iso_8859-9.7: Charset pages unification, minor cleanups
...
- adjust references
- remove stray comments
- cosmetics
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-01 12:04:20 +02:00
f53c5bdcc3
iso_8859-8.7: wfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-01 12:04:20 +02:00
390fcba268
iso_8859-8.7: Charset pages unification, minor cleanups
...
- adjust references
- remove stray comments
- cosmetics
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-01 12:04:20 +02:00
0773f72dd1
iso_8859-7.7: Charset pages unification, minor cleanups
...
- adjust references
- remove stray comments
- cosmetics
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-01 12:04:20 +02:00
dd7a03e293
iso_8859-6.7: Charset pages unification, minor cleanups
...
- adjust references
- remove stray comments
- cosmetics
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-01 12:04:20 +02:00
7b9b9bc8e7
iso_8859-5.7: Charset pages unification, minor cleanups
...
- adjust references
- remove stray comments
- cosmetics
2014-10-01 12:04:20 +02:00
99a7634b9f
iso_8859-4.7: Charset pages unification, minor cleanups
...
- adjust references
- remove stray comments
- cosmetics
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-01 12:04:20 +02:00
117b0331af
iso_8859-3.7: Charset pages unification, minor cleanups
...
- adjust references
- remove stray comments
- cosmetics
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-01 12:04:20 +02:00
6b006d3814
iso_8859-2.7: Charset pages unification, minor cleanups
...
- adjust references
- remove stray comments, streamline description
(charsets(7) and Wikipedia provide more detailed
and up-to-date description)
- cosmetics
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-01 12:04:20 +02:00
963ae1794d
iso_8859-1.7: Charset pages unification, minor cleanups
...
- adjust references
- remove stray comments, streamline description
(charsets(7) and Wikipedia provide more detailed
and up-to-date description)
- cosmetics
2014-10-01 12:04:20 +02:00
5661f357d0
koi8-u.7: Charset pages unification, minor cleanups
...
- adjust references
- remove stray comments, streamline description
(charsets(7) and Wikipedia provide more detailed
and up-to-date description)
- list differences between koi8-r.7 vs koi8-u.7
- cosmetics
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-01 12:04:20 +02:00
0ccc2026da
koi8-r.7: Charset pages unification, minor cleanups
...
- adjust references
- remove stray comments, streamline description
(charsets(7) and Wikipedia provide more detailed
and up-to-date description)
- list differences between koi8-r.7 vs koi8-u.7
- cosmetics
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-01 12:04:20 +02:00
f916b177e3
cp1251.7: Charset pages unification, minor cleanups
...
- adjust references
- remove stray comments
- cosmetics
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-01 12:04:20 +02:00
c5f415c63c
armscii-8.7: Charset pages unification, minor cleanups
...
- adjust references
- remove stray comments
- cosmetics
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-01 12:04:20 +02:00
5ef5222a35
ascii.7: Charset pages unification, minor cleanups
...
This and the follow-up patches will provide unification of
charset pages, minor cleanups, and some unifying cosmetic
changes. References are adjusted so that all pages include
a reference to charsets(7), which contains a description of
these sets, stray comments are removed, some obsolete
statements (like ISO 8859-1 being the de-facto ASCII
replacement) are removed, and some minor reformatting
to minimize diff's between the pages are done.
The actual substance, the character tables, remain unchanged.
This series changes the following pages (under man7): ascii,
armscii, cp1251, koi8-r, koi8-u, and all of iso_8859-*.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-01 12:04:20 +02:00
eee7bea60e
cp1252.7: New page documenting CP 1252
...
CP 1252 is probably one of the most used Windows Code Pages so
let's add a page for it alongside with the already provided
CP 1251 page.
Table generated from /usr/share/i18n/charmaps/CP1252.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-10-01 12:04:20 +02:00
b23c9a79d9
namespaces.7: tfix: CLONE_IPC -> CLONE_NEWIPC
...
CLONE_NEWIPC is the correct constant, as can be seen in the detailed
list of namespaces & their corresponding constants, as well as the
clone(2) man page and include/uapi/linux/sched.h in the Linux source tree.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-23 04:23:11 +02:00
f19db8531d
sched.7: SEE ALSO: add taskset(1)
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-21 19:51:48 +02:00
f5d401ddda
Removed trailing white space at end of lines
2014-09-21 11:24:24 +02:00
daf084cc33
clone.2, flock.2, getpid.2, getunwind.2, mount.2, reboot.2, semop.2, seteuid.2, setgid.2, setns.2, setresuid.2, setreuid.2, setuid.2, uname.2, unshare.2, clock.3, drand48.3, proc.5, capabilities.7, credentials.7, mq_overview.7, namespaces.7, pid_namespaces.7, svipc.7, user_namespaces.7: tstamp
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-21 11:23:07 +02:00
c228b4b4d1
namespaces.7, pid_namespaces.7, user_namespaces.7: srcfix: Add LICENSE_START tag
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-16 09:05:40 +02:00
fd0a5c693d
namespaces.7: tfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-15 10:39:50 +02:00
1a1d8762eb
pid_namespaces.7: ffix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-15 10:36:50 +02:00
09fcbb82f1
user_namespaces.7: spfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-14 21:29:47 -07:00
672e7505d6
user_namespaces.7: wfix
...
Reported-by: Eric W. Biederman <ebiederm@xmission.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-14 21:29:47 -07:00
890a86d330
user_namespaces.7: Clarify the meaning of "Mounts that come as a single unit"
...
Quoting Eric Biederman:
The importance of [mounts coming across as a dingle unit] is [to]
allow the global root to mount over things and not have to worry
that someone from a user namespace root can peek underneath.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-14 21:29:47 -07:00
576233f00e
user_namespaces.7: Additions from Andy Lutomirski
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-14 21:29:47 -07:00
6cfec3d80a
user_namespaces.7: Improvements from Andy Lutomirski
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-14 21:29:42 -07:00
b10c74ff25
user_namespaces.7: Add "Restrictions on mount namespaces" section
...
Light edits by mtk
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:03 -07:00
7aba437aa1
user_namespaces.7: Only single-threaded processes can join another user namespace
...
Reported-by: Eric W. Biederman <ebiederm@xmission.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:03 -07:00
258e6b6c7a
namespaces.7: wfix
...
Reported-by: Vitaly Rybnikov <frodox@zoho.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:03 -07:00
1191a90d12
user_namespaces.7: Improve discussion of handling of capabilities during execve(2)
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:03 -07:00
11d8ef176b
user_namespaces.7: srcfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:03 -07:00
0b497138b9
namespaces.7: Add table of namespaces to top of page
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:03 -07:00
309abda4a0
namespaces.7: tfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:03 -07:00
c6d54e1fd6
namespaces.7: tfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:03 -07:00
beb9df9ed3
namespaces.7: tfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:03 -07:00
6c21c0f947
user_namespaces.7: Say a little less about execve(2) and user ID mappings
...
The existing discussion under user and group ID mappings
probably suffices.
Reported-by: Eric W. Biederman <ebiederm@xmission.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:03 -07:00
0ea90cb46d
user_namespaces.7: srcfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:03 -07:00
99f04bb1e9
user_namespaces.7: Note that user namespaces isolate the root directory
...
Reported-by: Eric W. Biederman <ebiederm@xmission.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:03 -07:00
c0d02ab07a
user_namespaces.7: XFS support for user namespaces was added in Linux 3.11
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:03 -07:00
ed8bd8452c
user_namespaces.7: Rework text on filesystem support for user namespaces
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:03 -07:00
bc92175773
user_namespaces.7: srcfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:03 -07:00
1005b0062e
user_namespaces.7: Remove a confused sentence
...
Reported-by: Eric W. Biederman <ebiederm@xmission.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:03 -07:00
e56b6c42d1
user_namespaces.7: Document maximum nesting depth for user namespaces
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:03 -07:00
8f99aa89d9
user_namespaces.7: Minor tweaks to example program
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:03 -07:00
ff8531686a
pid_namespaces.7: ffix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:03 -07:00
ab3311aa06
clone.2, namespaces.7, pid_namespaces.7, user_namespaces.7: wfix "file system" ==> "filesystem"
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:02 -07:00
f22abd505d
user_namespaces.7: Remove discussion of flags that can't be used with CLONE_NEWUSER
...
That information is better put into individual pages.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:02 -07:00
714e9a7874
user_namespaces.7: Document restrictions on CLONE_NEWUSER with other CLONE_* flags
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:02 -07:00
1f1d2a8d2b
mq_overview.7: Refer to namespaces(7) for info on POSIX MQs and IPC namespaces
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:02 -07:00
19b06c778d
capabilities.7: Refer reader to user_namespaces(7) for a discussion of capabilities
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:02 -07:00
c3b49118b9
capabilities.7: setns() needs CAP_SYS_ADMIN in the *target* namespace
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:02 -07:00
f7ee0f5180
pid_namespaces.7: Fix kernel version number for reboot() in pidns discussion
...
Should be 3.4, not 3.9, as per comments from Eric Biederman
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:02 -07:00
78d6b55b9c
pid_namespaces.7: Refer to reboot(2) for a discussion of reboot() inside a PID namespace
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:02 -07:00
eb25716ff8
svipc.7: Refer to namespaces(7) for info on System V IPC and IPC namespaces
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:02 -07:00
f344e055a6
namespaces.7: Document /proc interfaces that are distinct in each IPC namespace
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:02 -07:00
7d8d64eb14
namespaces.7: Remove repetitious text under network namespaces
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:02 -07:00
63f66893e5
user_namespaces.7: srcfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:02 -07:00
c3f29a89b5
user_namespaces.7: Move discussion of availability of user namespaces to NOTES
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:02 -07:00
b6462f7519
user_namespaces.7: SEE ALSO: add newgidmap(1), newuidmap(1), subgid(5), subuid(5)
...
Pages in the "shadow" package
Reported-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:01 -07:00
77f9548830
user_namespaces.7: execve(2) will drop capabilities unless the caller's UID maps to 0
...
Reported-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:01 -07:00
550d1c537c
user_namespaces.7: wfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:01 -07:00
0ac408439b
user_namespaces.7: Some subsystems don't support user namespaces in some kernel versions
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:01 -07:00
6b92803065
user_namespaces.7: srcfix: Add FIXME
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:01 -07:00
3b44624fa4
user_namespaces.7: Minor fixes in various places
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:01 -07:00
8a87c8b32f
user_namespaces.7: srcfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:01 -07:00
589e43bb00
user_namespaces.7: tfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:01 -07:00
d68c5f1184
user_namespaces.7: Clarify some capabilities details
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:01 -07:00
0666f549da
user_namespaces.7: Note treatment of "securebits" flags
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:01 -07:00
37909beed2
user_namespaces.7: wfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:01 -07:00
d916d9d073
user_namespaces.7: Rewrote and reorganized various pieces
...
Mainly the pieces on capabilities, nested namespaces
and namespace membership.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:01 -07:00
c9195dede4
user_namespaces.7: wfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:01 -07:00
3a9ff754df
user_namespaces.7: SEE ALSO: remove unshare(1) (which is mentioned in namespaces(7))
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:01 -07:00
96ec9d12e6
user_namespaces.7: Clarify that the child of clone() gets all privileges in new userns
...
Nothing special happens for the children of unshare(2).
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:01 -07:00
c94eb4a68d
user_namespaces.7: Add reference to Documentation/namespaces/resource-control.txt
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:01 -07:00
cf7d22a535
user_namespaces.7: Further reworking of text on nested namespaces and capabilities
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:01 -07:00
c0098e767d
user_namespaces.7: Relocate text on capabilities of initial process in userns
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:01 -07:00
20e4a14719
user_namespaces.7: Explain uid_map and gid_map in the initial user namespace
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:01 -07:00
3e2a37ec85
user_namespaces.7: Add more detail on unmapped UIDs and GIDs exposed to user space
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:01 -07:00
6eda94413b
user_namespaces.7: Reorganize various pieces of DESCRIPTION
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:01 -07:00
30f3ddd6dd
user_namespaces.7: Remove duplicated text on EPERM + mapping required in parent userns
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:01 -07:00
1863e45128
user_namespaces.7: Move a misplaced rule re writing to map files
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:01 -07:00
98029e6531
pid_namespaces.7: Add much more detail on CLONE_NEWPID + multhreaded processes
...
CLONE_NEWPID doesn't mix with CLONE_THREAD, CLONE_VM,
and CLONE_SIGHAND.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:01 -07:00
bd23efc759
pid_namespaces.7: Further reworking of text on CLONE_NEWPID and threads
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:01 -07:00
e0fd534919
pid_namespaces.7: Rework text on threads and CLONE_NEWPID
...
Adapted text from Eric Biederman.
Reported-by: Eric W. Biederman <ebiederm@xmission.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:01 -07:00
7cd5151990
pid_namespaces.7: SEE ALSO: remove unshare(1) (which is mentioned in namespaces(7))
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:01 -07:00
81ccc85366
pid_namespaces.7: Mention unshare()+fork() failure case if "init" terminates
...
Reported-by: Eric W. Biederman <ebiederm@xmission.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:01 -07:00
5597d425e9
pid_namespaces.7: Explain use for readlink() from /proc/self
...
Reported-by: Rob Landley <rob@landley.net>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:01 -07:00
47832b6dfc
pid_namespaces.7: Clarify text on failure cases with CLONE_VM + multithreaded
...
Reported-by: Rob Landley <rob@landley.net>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:00 -07:00
837ddeb969
pid_namespaces.7: wfix
...
Reported-by: Rob Landley <rob@landley.net>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:00 -07:00
36b04745db
pid_namespaces.7: Mention suspend/resume of containers in intro text
...
Reported-by: Rob Landley <rob@landley.net>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:00 -07:00
cbf542aa98
pid_namespaces.7: tfix
...
Reported-by: Rob Landley <rob@landley.net>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:00 -07:00
bac6162841
pid_namespaces.7: /proc shows mounts according to PID namespace of mounting process
...
Reported-by: Eric W. Biederman <ebiederm@xmission.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:00 -07:00
805685dc1b
pid_namespaces.7: Note the shell command used for mount procfs
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:00 -07:00
ec411de6d5
pid_namespaces.7: Other call sequences fail with multiple threads and CLONE_NEWPID
...
Reported-by: Eric W. Biederman <ebiederm@xmission.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:00 -07:00
2a4b78e7e2
pid_namespaces.7: Mention PR_SET_CHILD_SUBREAPER in discussion of reparenting to init
...
Reported-by: Vasily Kulikov <segoon@openwall.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:00 -07:00
fa88d1a483
namespaces.7, pid_namespaces.7: Add pointer to example program in user_namespaces(7)
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:00 -07:00
8d36d80cc3
user_namespaces.7: Add an example program
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:00 -07:00
df23ae04d6
user_namespaces.7: Linux 3.9 provides a better implementation of nonoverlapping map checks
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:00 -07:00
e4f4f2e125
user_namespaces.7: Clarify discussion on privileges of child after clone() by UID 0
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:00 -07:00
1b3d5347f5
user_namespaces.7: Clarify that rules for writing to map files also apply to gid_map
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:00 -07:00
0f069d0c69
user_namespaces.7: wfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:00 -07:00
d45d012859
user_namespaces.7: srcfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:00 -07:00
54ead6d395
user_namespaces.7: Describe effect of mappings in the context of file-system operations
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:00 -07:00
4332e54d27
user_namespaces.7: wfix + ffix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:00 -07:00
674c23884e
user_namespaces.7: Note some interfaces that return overflowuid and overflowgid
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:00 -07:00
0df0f26dcc
user_namespaces.7: srcfix: remove obsolete FIXME
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:00 -07:00
27a6ff6ee6
user_namespaces.7: Describe handling of UIDs+GIDs when passed across a UNIX domain socket
...
UIDs and GIDs are mapped to receiver's userns when passed across
a UNIX domain socket
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:00 -07:00
01ce1ceaa1
pid_namespaces.7: srcfix: Removed FIXME
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:00 -07:00
5ba153e7ac
user_namespaces.7: The initial process in a userns has no capabilities outside the userns
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:00 -07:00
d6842bf18d
user_namespaces.7: srcfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:00 -07:00
627e4074b4
user_namespaces.7: Fix description of inheritance of capabilities across nested namespaces
...
Based on input from Eric Biederman
Calling cap_capable asks: Does the current process have
capability X in userns U.
I see three ways you can have that capability.
1) The current process can be in user namespace U and directly
have capability X.
2) The current process can be in the parent of namespace U and
its euid can be the euid that created user namespace U.
3) You can have be have the capability X in a user namespace
that is an ancestor of U.
Coming from the direction of your manpage text.
With respect to capabilities, the following rules apply to
nested user namespaces.
1. If a process has a capability in a user namespace has that
capability in all descendant user namespaces as well.
2. The user that creates a user namespace while in the parent
namespace has all capabilities in the created namespace
and in all descendent user namespaces.
So having said that part of my problem with your original
text is that it actually switches directions. One one rule
it is looking into the descendent user namespaces, and in the
other rule it is looking at ancestor user namespaces.
So perhaps the text should read:
With respect to capabilities, the following rules are used to
answer the question does a process P have a capability C in a
user namespace U.
1. P has the capability C if P is in user namespace U and
capability C is in process P's capability set.
2. P has the capability C if P is in the parent of user
namespace U and the euid of P is the euid that created user
namespace U.
3. P has the capability C if P has the capability C in some
user namespace V that is an ancestor of U.
Which probably gets a little extra mathematical, but it is
precise.
Reported-by: "Eric W. Biederman" <ebiederm@xmission.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:00 -07:00
7ae693d017
user_namespaces.7: wfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:00 -07:00
03611be8d7
user_namespaces.7: Add some references to other pages
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:00 -07:00
6c3db75479
pid_namespaces.7: readlink(2) on /proc/self gives the caller's PID in the pidns of /proc
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:00 -07:00
6e377abf9c
pid_namespaces.7: Parent process relationships mirror parent PID namespace relationships
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:00 -07:00
7a9ab60197
pid_namespaces.7: srcfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:00 -07:00
546fb4eefe
pid_namespaces.7: Rewrite discussion of nested PID namespaces
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:00 -07:00
4085d4cde3
pid_namespaces.7: srcfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:00 -07:00
963e117faf
pid_namespaces.7: Minor wording fix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:59 -07:00
84030779d2
pid_namespaces.7: Reorganize and add some subheadings
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:59 -07:00
7e0e902b55
clone.2, getpid.2, credentials.7: Replace reference to namespaces(7) with pid_namespaces(7)
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:59 -07:00
024d6a8449
namespaces.7: Remove PID namespaces material shifted to pid_namespaces(7)
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:59 -07:00
a79bacf5f1
pid_namespaces.7: New page splitting PID namespace material out of namespaces(7)
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:59 -07:00
f58fb24f16
clone.2, seteuid.2, setgid.2, setresuid.2, setreuid.2, setuid.2, unshare.2, capabilities.7, credentials.7: Change reference to namespaces(7) to user_namespaces(7)
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:59 -07:00
62a5214c57
user_namespaces.7: Reorganize and add some subheadings
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:59 -07:00
67d1131fd9
namespaces.7: Remove userns material shifted to user_namespaces(7)
...
The user namespaces section was getting long and unwieldy.
Split it into its own page, so that it can be better
structured with subtitles, etc.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:59 -07:00
046de6a7d7
user_namespaces.7: New page splitting user namespace material out of namespaces(7)
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:59 -07:00
9552196ecb
namespaces.7: ffix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:59 -07:00
e67b117c39
namespaces.7: Document association between userns and other namespace types
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:59 -07:00
365d292a3c
clone.2, unshare.2, namespaces.7: clone() and unshare() fail (EPERM) if caller's UID/GID are not mapped
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:59 -07:00
1d5adb6f9e
namespaces.7: Userns creation associates eff. GID of creator with the userns
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:59 -07:00
5eb7f09d7c
namespaces.7: Move text on capabilities in user namespaces
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:59 -07:00
7f76dc3079
namespaces.7: tfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:59 -07:00
cda377d2bc
namespaces.7: Clarify use of 'single line' case when writing userns map files
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:59 -07:00
e2eb61370e
namespaces.7: Note rules regarding capabilities and nested namespaces
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:59 -07:00
9a80f81d04
namespaces.7: Clarify explanation of nested user namespaces
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:59 -07:00
6be09bd882
namespaces.7: srcfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:59 -07:00
fd4eb520d6
namespaces.7: srcfix: Added FIXME
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:59 -07:00
aa49742066
namespaces.7: Mapping files are empty when a user namespace is first created
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:59 -07:00
b87dd2afb0
namespaces.7: User namespace ID mappings can be defined via any member process's map
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:59 -07:00
b2e73e0ce8
namespaces.7: Clarify max # of bytes that can be written to a user namespace map
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:59 -07:00
3fe8d14797
namespaces.7: Describe semantics of set-user/group-ID programs in a user namespace
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:59 -07:00
e420879421
namespaces.7: Rewrite EPERM rules for writing to user namespace map file
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:58 -07:00
1879c18c63
namespaces.7: spfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:58 -07:00
d70ee6ff45
namespaces.7: wfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:58 -07:00
6155c4554f
namespaces.7: wfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:58 -07:00
4d2d9a106f
namespaces.7: Add further EINVAL cases for writes to userspace map files
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:58 -07:00
8e5924c0a9
namespaces.7: Clarify a detail in permissions for writing to user namespace map files
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:58 -07:00
cfc50babe7
namespaces.7: Violating rules for writing to user namespace map file yields EPERM
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:58 -07:00
ed0ce71a31
namespaces.7: ffix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:58 -07:00
76f89cbea4
namespaces.7: ffix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:58 -07:00
d3c16a98d1
namespaces.7: tfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:58 -07:00
147a0c9098
namespaces.7: wfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:58 -07:00
b680649a5c
namespaces.7: wfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:58 -07:00
291e9237d7
namespaces.7: wfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:58 -07:00
029ae9e3f5
namespaces.7: SEE ALSO: add switch_root(8)
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:58 -07:00
c0004fb480
namespaces.7: Clarify details of sending signals to init from ancestor PID namespaces
...
After email from Eric Biederman
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:58 -07:00
b16d757dfd
namespaces.7: When a PID namespace terminates, the other processes get SIGKILL
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:15:58 -07:00
David Wilson