Michael Kerrisk
beb9df9ed3
namespaces.7: tfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:03 -07:00
Michael Kerrisk
6c21c0f947
user_namespaces.7: Say a little less about execve(2) and user ID mappings
...
The existing discussion under user and group ID mappings
probably suffices.
Reported-by: Eric W. Biederman <ebiederm@xmission.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:03 -07:00
Michael Kerrisk
0ea90cb46d
user_namespaces.7: srcfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:03 -07:00
Michael Kerrisk
99f04bb1e9
user_namespaces.7: Note that user namespaces isolate the root directory
...
Reported-by: Eric W. Biederman <ebiederm@xmission.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:03 -07:00
Michael Kerrisk
c0d02ab07a
user_namespaces.7: XFS support for user namespaces was added in Linux 3.11
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:03 -07:00
Michael Kerrisk
ed8bd8452c
user_namespaces.7: Rework text on filesystem support for user namespaces
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:03 -07:00
Michael Kerrisk
bc92175773
user_namespaces.7: srcfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:03 -07:00
Michael Kerrisk
1005b0062e
user_namespaces.7: Remove a confused sentence
...
Reported-by: Eric W. Biederman <ebiederm@xmission.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:03 -07:00
Michael Kerrisk
e63259f20e
setns.2: ERRORS: Add EINVAL for two cases of joining a new user namespace
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:03 -07:00
Michael Kerrisk
6bab36f87c
unshare.2: Add kernel version number for text on CLONE_NEWUSER implying CLONE_FS
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:03 -07:00
Michael Kerrisk
ac0079383d
clone.2: Document EPERM error when using CLONE_NEWUSER from chrooted caller
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:03 -07:00
Michael Kerrisk
40a47a161b
unshare.2: Document EPERM error when using CLONE_NEWUSER from chrooted caller
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:03 -07:00
Michael Kerrisk
cdd25f2e76
unshare.2: Document EUSERS error
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:03 -07:00
Michael Kerrisk
6fd119e727
clone.2: Document EUSERS error
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:03 -07:00
Michael Kerrisk
e56b6c42d1
user_namespaces.7: Document maximum nesting depth for user namespaces
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:03 -07:00
Michael Kerrisk
8f99aa89d9
user_namespaces.7: Minor tweaks to example program
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:03 -07:00
Michael Kerrisk
8db3776096
setns.2: tfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:03 -07:00
Michael Kerrisk
ff8531686a
pid_namespaces.7: ffix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:03 -07:00
Michael Kerrisk
ab3311aa06
clone.2, namespaces.7, pid_namespaces.7, user_namespaces.7: wfix "file system" ==> "filesystem"
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:02 -07:00
Michael Kerrisk
85e34225be
setns.2: A process can't join a new userns if it shares CLONE_FS attributes
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:02 -07:00
Michael Kerrisk
08e54e516c
unshare.2: tfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:02 -07:00
Michael Kerrisk
6f6808f9fd
unshare.2: wfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:02 -07:00
Michael Kerrisk
4c3d7431b4
unshare.2: CLONE_NEWUSER implies CLONE_FS
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:02 -07:00
Michael Kerrisk
f647dc5e28
unshare.2: Remove obsolete reference to "Restrictions" text in user_namespaces(7)
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:02 -07:00
Michael Kerrisk
f22abd505d
user_namespaces.7: Remove discussion of flags that can't be used with CLONE_NEWUSER
...
That information is better put into individual pages.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:02 -07:00
Michael Kerrisk
5e72cf7d10
clone.2: Improve discussion of flags that can't be specified with CLONE_NEWUSER
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:02 -07:00
Michael Kerrisk
9d64e39ec8
semop.2: Refer to clone(2) for semantics of CLONE_SYSVSEM and semadj lists
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:02 -07:00
Michael Kerrisk
5ada4b9491
clone.2: Add more detail on the meaning of CLONE_SYVSEM
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:02 -07:00
Michael Kerrisk
0d829b7610
unshare.2: Clarify semantics of CLONE_SYSVSEM
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:02 -07:00
Michael Kerrisk
ea2d20ebcc
unshare.2: CLONE_SYSVSEM does not require CAP_SYS_ADMIN
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:02 -07:00
Michael Kerrisk
3c881e7c07
unshare.2: CLONE_NEWPID automatically implies CLONE_THREAD
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:02 -07:00
Michael Kerrisk
88f487166c
unshare.2: CLONE_NEWUSER implies CLONE_THREAD
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:02 -07:00
Michael Kerrisk
5afd65d175
unshare.2: wfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:02 -07:00
Michael Kerrisk
f231195fce
unshare.2: srcfix: update FIXMEs
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:02 -07:00
Michael Kerrisk
d34e564554
clone.2: Note restrictions on CLONE_NEWUSER with other CLONE_* flags
...
Refer to user_namespaces(7) for restrictions on CLONE_NEWUSER
with other CLONE_* flags.
Also: document EINVAL error for CLONE_NEWUSER|CLONE_FS.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:02 -07:00
Michael Kerrisk
333446b9a6
unshare.2: Note restrictions on CLONE_NEWUSER with other CLONE_* flags
...
Refer to user_namespaces(7) for restrictions on CLONE_NEWUSER
with other CLONE_* flags.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:02 -07:00
Michael Kerrisk
714e9a7874
user_namespaces.7: Document restrictions on CLONE_NEWUSER with other CLONE_* flags
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:02 -07:00
Michael Kerrisk
1f1d2a8d2b
mq_overview.7: Refer to namespaces(7) for info on POSIX MQs and IPC namespaces
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:02 -07:00
Michael Kerrisk
19b06c778d
capabilities.7: Refer reader to user_namespaces(7) for a discussion of capabilities
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:02 -07:00
Michael Kerrisk
c3b49118b9
capabilities.7: setns() needs CAP_SYS_ADMIN in the *target* namespace
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:02 -07:00
Michael Kerrisk
f7ee0f5180
pid_namespaces.7: Fix kernel version number for reboot() in pidns discussion
...
Should be 3.4, not 3.9, as per comments from Eric Biederman
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:02 -07:00
Michael Kerrisk
78d6b55b9c
pid_namespaces.7: Refer to reboot(2) for a discussion of reboot() inside a PID namespace
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:02 -07:00
Michael Kerrisk
29368ba01f
reboot.2: Tweak text on reboot in PID namesapces
...
Reviewed-by: Eric W. Biederman <ebiederm@xmission.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmai>
2014-09-13 20:16:02 -07:00
Michael Kerrisk
50f31881ac
reboot.2: Document effect of reboot() inside PID namespaces
...
Reported-by: Justin Cormack <justin@street-vision.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:02 -07:00
Michael Kerrisk
2b91ac7916
reboot.2: tfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:02 -07:00
Michael Kerrisk
eb25716ff8
svipc.7: Refer to namespaces(7) for info on System V IPC and IPC namespaces
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:02 -07:00
Michael Kerrisk
f344e055a6
namespaces.7: Document /proc interfaces that are distinct in each IPC namespace
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:02 -07:00
Michael Kerrisk
7d8d64eb14
namespaces.7: Remove repetitious text under network namespaces
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:02 -07:00
Michael Kerrisk
63f66893e5
user_namespaces.7: srcfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:02 -07:00
Michael Kerrisk
c3f29a89b5
user_namespaces.7: Move discussion of availability of user namespaces to NOTES
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2014-09-13 20:16:02 -07:00