Commit Graph

3644 Commits

Author SHA1 Message Date
Michael Kerrisk 992dc2cbc1 localedef.1, close.2, copy_file_range.2, execve.2, get_robust_list.2, getdomainname.2, gethostname.2, inotify_add_watch.2, io_submit.2, ioctl_fideduperange.2, kcmp.2, kill.2, mmap.2, move_pages.2, perf_event_open.2, ptrace.2, rt_sigqueueinfo.2, sched_setaffinity.2, sched_setparam.2, setns.2, sigaction.2, signalfd.2, statx.2, syscall.2, syscalls.2, uname.2, write.2, errno.3, fexecve.3, getauxval.3, printf.3, pthread_mutex_consistent.3, pthread_mutexattr_init.3, pthread_mutexattr_setrobust.3, pthread_setcancelstate.3, regex.3, strtok.3, strtol.3, ttyname.3, smartpqi.4, core.5, resolv.conf.5, man-pages.7, mq_overview.7, operator.7, pthreads.7, signal-safety.7, sysvipc.7: Update timestamp
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2019-10-10 22:28:39 +02:00
Michael Kerrisk 86fd6bad0a signal.7: SEE ALSO: add pidfd_send_signal(2)
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2019-10-10 12:24:28 +02:00
Michael Kerrisk ee81d7e418 namespaces.7: Include manual page references in the summary table of namespace types
Make the page more compact by removing the stub subsections that
list the manual pages for the namespace types. And while we're
here, add an explanation of the table columns.

Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2019-10-09 08:59:22 +02:00
Michael Kerrisk 4d75df3711 mount_namespaces.7: tfix
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2019-10-09 08:25:04 +02:00
Michael Kerrisk 19416046c5 mount_namespaces.7: Tweak discussion of "less privileged" mount namespace
Eric Biederman:

    I hate to nitpick, but I am going to say that when I read
    the text above the phrase "mount namespace of the process
    that created the new mount namespace" feels wrong.

    Either you use unshare(2) and the mount namespace of the
    process that created the mount namespace changes.

    Or you use clone(2) and you could argue it is the new child
    that created the mount namespace.

    Having a different mount namespace at the end of the
    creation operation feels like it makes your phrase confusing
    about what the starting mount namespace is.  I hate to use
    references that are ambiguous when things are changing.

Reported-by: Eric W. Biederman <ebiederm@xmission.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2019-10-08 23:30:55 +02:00
Michael Kerrisk 534755eed9 mount_namespaces.7: Explain how a namespace's mount point list is initialized
Provide a more detailed explanation of the initialization of
the mount point list in a new mount namespace.

Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2019-10-08 22:51:59 +02:00
Michael Kerrisk ed425459c5 mount_namespaces.7: tfix
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2019-10-08 16:26:15 +02:00
Michael Kerrisk a0c9733194 mount_namespaces.7: Clarify description of "less privileged" mount namespaces
The current text talks about "parent mount namespaces", but there
is no such concept. As confirmed by Eric Biederman, what is mean
here is "the mount namespace this mount namespace started as a
copy of". So, this change writes up Eric's description in a more
detailed way.

Reported-by: Eric W. Biederman <ebiederm@xmission.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2019-10-08 16:20:59 +02:00
Michael Kerrisk a2fc45a9f8 mount_namespaces.7: It may be desirable to disable propagation after creating a namespace
After creating a new mount namespace, it may be desirable to
disable mount propagation. Give the reader a more explicit
hint about this.

Reported-by: Eric W. Biederman <ebiederm@xmission.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2019-10-07 12:11:30 +03:00
Michael Kerrisk 0b6cf5d26e pthreads.7: Minor tweaks to Carlos O'Donell's patch
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2019-10-05 14:54:24 +03:00
Michael Kerrisk 50639a2a18 pthread_setcancelstate.3, pthreads.7: srcfix: wrap source lines at sentence boundaries
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2019-10-05 14:54:15 +03:00
Carlos O'Donell dbb01cbbdb pthread_setcancelstate.3, pthreads.7, signal-safety.7: Describe issues with cancellation points in signal handlers
In a recent conversation with Mathieu Desnoyers I was reminded
that we haven't written up anything about how deferred
cancellation and asynchronous signal handlers interact. Mathieu
ran into some of this behaviour and I promised to improve the
documentation in this area to point out the potential pitfall.

Thoughts?

8< --- 8< --- 8<
In pthread_setcancelstate.3, pthreads.7, and signal-safety.7 we
describe that if you have an asynchronous signal nesting over a
deferred cancellation region that any cancellation point in the
signal handler may trigger a cancellation that will behave
as-if it was an asynchronous cancellation. This asynchronous
cancellation may have unexpected effects on the consistency of
the application. Therefore care should be taken with asynchronous
signals and deferred cancellation.

Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2019-10-05 14:54:02 +03:00
Michael Kerrisk 27f942adbc sched_setparam.2, pthread_mutexattr_init.3, pthread_mutexattr_setrobust.3, pthread_mutex_consistent.3, strtol.3, sched.7, uts_namespaces.7: SEE ALSO: correct list order
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2019-09-27 14:18:46 +02:00
Michael Kerrisk c148832982 veth.4, persistent-keyring.7, process-keyring.7, session-keyring.7, thread-keyring.7, user-keyring.7, user-session-keyring.7: srcfix
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2019-09-27 14:18:46 +02:00
Michael Kerrisk 43d438e29b mount_namespaces.7: SEE ALSO: refer to example in pivot_root(2)
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2019-09-23 13:11:19 +02:00
Michael Kerrisk cc245e5bf8 operator.7: Prefix and postfix ++/-- have different precedences
Harbison and Steele also agree on this.

Reported-by: Rick Stanley <rstanley@rsiny.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2019-09-22 22:58:45 +02:00
Michael Kerrisk 4dfeb670df man-pages.7: Relocate and enhance the text on semantic newlines
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2019-09-13 15:39:04 +02:00
Michael Kerrisk 724ca69c82 man-pages.7: Paragraphs should not be separated by blank lines
Reported-by: Paul Wise <pabs3@bonedaddy.net>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2019-09-13 15:26:13 +02:00
Jakub Wilk 8f397fb4a1 fanotify.7: tfix
Signed-off-by: Jakub Wilk <jwilk@jwilk.net>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2019-09-10 12:45:14 +02:00
Michael Kerrisk 96f49e54da signal.7: tfix
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2019-08-28 11:58:00 +02:00
Eric Biggers 15f2303db3 cgroups.7: tfix
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2019-08-26 23:14:49 +02:00
Marko Myllynen d6094c8a3b capabilities.7: tfix
Hi Michael, it's been a while but few simple patches today..

Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2019-08-26 23:14:49 +02:00
Marko Myllynen 8a6c2ad5a8 user_namespaces.7: tfix
This and the previous were the only ones grep found.

Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2019-08-26 23:14:49 +02:00
Michael Kerrisk 252bba449e uts_namespaces.7: SEE ALSO: add gethostname(2), getdomainname(2), uname(2)
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2019-08-26 23:14:49 +02:00
Michael Kerrisk 30e022e516 namespaces.7: Remove content migrated to uts_namespaces(7)
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2019-08-26 23:14:49 +02:00
Michael Kerrisk 57829a0e87 uts_namespaces.7: New page with content migrated from namespaces(7)
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2019-08-26 23:14:49 +02:00
Michael Kerrisk ab1dc74922 mq_overview.7: wfix
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2019-08-26 23:14:49 +02:00
Michael Kerrisk c4279d2660 mq_overview.7, sysvipc.7: Adjust references to namespaces(7) to ipc_namespaces(7)
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2019-08-26 23:14:49 +02:00
Michael Kerrisk 25e96f04bc namespaces.7: Remove content migrated to new ipc_namespaces(7) page
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2019-08-26 23:14:49 +02:00
Michael Kerrisk 1d36b4e17b ipc_namespaces.7: New page with content migrated from namespaces(7)
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2019-08-26 23:14:49 +02:00
Michael Kerrisk 3b9d44099f signal.7: Enhance the text on process-directed and thread-directed signals
clone(2) has a good description of these concepts; borrow
from it liberally.

Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2019-08-26 23:14:42 +02:00
Michael Kerrisk 96e472175c signal.7: tfix
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2019-08-26 21:45:13 +02:00
Michael Kerrisk 18b028be2d user_namespaces.7: Improve explanation of meaning of ownership of nonuser namespaces
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2019-08-20 09:56:33 +02:00
Michael Kerrisk 7e7e8de32e capabilities.7: CAP_SYS_ADMIN allows modifying autogroup nice values
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2019-08-02 13:57:10 +02:00
Michael Kerrisk 63121bd499 pldd.1, bpf.2, chdir.2, clone.2, fanotify_init.2, fanotify_mark.2, intro.2, ipc.2, mount.2, mprotect.2, msgctl.2, msgget.2, msgop.2, pivot_root.2, pkey_alloc.2, poll.2, prctl.2, semctl.2, semget.2, semop.2, setxattr.2, shmctl.2, shmget.2, shmop.2, tkill.2, dlopen.3, exec.3, ftok.3, getutent.3, on_exit.3, strcat.3, cpuid.4, proc.5, capabilities.7, cgroup_namespaces.7, credentials.7, fanotify.7, mount_namespaces.7, namespaces.7, sched.7, signal.7, socket.7, unix.7, user_namespaces.7, vdso.7, xattr.7, ld.so.8: tstamp
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2019-08-02 08:34:32 +02:00
Michael Kerrisk fd6307c47f mount_namespaces.7: ffix
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2019-07-30 08:25:37 +02:00
Michael Kerrisk 2f368cc328 sched.7: SEE ALSO: add pthread_getschedparam(3)
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2019-07-30 08:25:37 +02:00
Michael Kerrisk 40ca38806d capabilities.7: Add pivot_root(2) to CAP_SYS_ADMIN list
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2019-07-28 13:34:28 +02:00
Michael Kerrisk dc95a3a39f mount_namespaces.7: Clarify implications for other NS if mount point is removed in one NS
If a mount point is deleted or renamed or removed in one mount
namespace, this will cause an object that is mounted at that
location in another mount namespace to be unmounted (as verified
by experiment). This was implied by the existing text, but it is
better to make this detail explicit.

Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2019-07-24 07:11:35 +02:00
Michael Kerrisk 930e2ffac4 namespaces.7: srcfix
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2019-07-23 21:42:58 +02:00
Michael Kerrisk e70abf48ff mount_namespaces.7: SEE ALSO: add pivot_root(2), pivot_root(8)
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2019-07-22 20:59:38 +02:00
Michael Kerrisk ae4452ab98 namespaces.7: Note initial values of hostname and domainname in a new UTS namespace
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2019-07-20 23:50:50 +02:00
Michael Kerrisk 3b13efed75 capabilities.7: Add a note about using strace on binaries that have capabilities
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2019-07-17 04:19:01 +02:00
Michael Kerrisk 705ac54d0f signal.7: Minor text rework
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2019-07-13 12:18:08 -06:00
Michael Kerrisk 9b6aa9d133 signal.7: Some reworking of Michal Sekletar's text
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2019-07-13 12:15:32 -06:00
Michael Kerrisk cd9b34fc58 signal.7: Relocate Michal Sekletar's text
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2019-07-13 11:49:04 -06:00
Michal Sekletar e447e5bad3 signal.7: Clarify that siginfo_t isn't changed on coalescing
Confirmed by experiment by mtk:

$ cat siginfo_nonqueuing.c

                        } while (0)

static void
grimReaper(int sig, siginfo_t *si, void *ucontext)
{
    printf("caught signal %d\n", sig);

    printf("    si_pid=%ld, si_uid=%ld, si_status=%d\n",
            (long) si->si_pid, (long) si->si_uid, si->si_status);
}

static void
child(int sleepTime, uid_t uid, int status)
{
    switch (fork()) {
    case -1:
        errExit("fork");
    case 0:
        sleep(sleepTime);
        if (geteuid() == 0)
            setuid(uid);

        printf("Child %ld with UID %ld exiting with status %d\n",
                (long) getpid(),(long) getuid(), status);
        exit(status);
    default:
        return;
    }
}

int
main(int argc, char *argv[])
{
    struct sigaction sa;
    sigset_t blocking;

    sa.sa_sigaction = grimReaper;
    sa.sa_flags = SA_SIGINFO;
    sigemptyset(&sa.sa_mask);

    if (sigaction(SIGCHLD, &sa, NULL) == -1)
        errExit("sigaction");

    sigemptyset(&blocking);
    sigaddset(&blocking, SIGCHLD);
    if (sigprocmask(SIG_BLOCK, &blocking, NULL) == -1)
        errExit("sigprocmask");

    child(2, 20000, 20);
    child(3, 30000, 30);
    child(1, 10000, 10);

    sleep(5);

    if (sigprocmask(SIG_UNBLOCK, &blocking, NULL) == -1)
        errExit("sigprocmask");

    exit(EXIT_SUCCESS);
}
$ ./siginfo_nonqueuing
Child 4042 with UID 1000 exiting with status 10
Child 4040 with UID 1000 exiting with status 20
Child 4041 with UID 1000 exiting with status 30
caught signal 17
    si_pid=4042, si_uid=1000, si_status=10

Cc: Oleg Nesterov <oleg@redhat.com>
Cc: Lennart Poettering <lennart@poettering.net>

Acked-by: Oleg Nesterov <oleg@redhat.com>
Signed-off-by: Michal Sekletar <msekleta@redhat.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2019-07-13 11:44:12 -06:00
Michael Kerrisk c7871135df signal.7: Add subsection on queuing and delivery semantics for standard signals
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2019-07-13 11:44:12 -06:00
Michael Kerrisk ed33c6886c credentials.7: Note that /proc/PID/status shows a process's credentials
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2019-07-10 15:44:47 +02:00
Michael Kerrisk aa16684c95 signal.7: Various fields in /proc/PID/status show signal-related information
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2019-07-10 15:19:31 +02:00