Michael Kerrisk
ba6f9c34af
s390_sthyi.2: Minor tweaks
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-12-11 19:41:49 +01:00
Michael Kerrisk
5057157b07
s390_sthyi.2: Minor fixes
...
Reported-by: Stefan Raspl <raspl@linux.vnet.ibm.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-12-11 19:05:18 +01:00
Michael Kerrisk
ef741e2a72
syscalls.2: Add s390-specific s390_sthyi(2) to syscall list
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-12-11 18:47:19 +01:00
QingFeng Hao
c336d6e0fb
s390_sthyi.2: New page for s390-specific s390_sthyi(2)
...
Signed-off-by: QingFeng Hao <haoqf@linux.vnet.ibm.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-12-11 18:46:09 +01:00
Michael Kerrisk
46010ab917
socket.7: tfix
...
Reported-by: Joel Williamson <jwilliamson@carnegietechnologies.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-12-11 18:40:14 +01:00
Michael Kerrisk
cfd7fdf5ed
Changes.old: tfix
...
Reported-by: Jakub Wilk <jwilk@jwilk.net>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-12-11 18:34:58 +01:00
Michael Kerrisk
ec9612a19f
network_namespaces.7: Minor adjustments to list of resources governed by network namespaces
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-12-10 23:19:17 +01:00
Michael Kerrisk
5d9b8ae9b9
sysfs.5: tfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-12-10 23:19:17 +01:00
Michael Kerrisk
f9ecf99e59
network_namespaces.7: When a NW namespace is freed, veth devices are destroyed
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-12-10 23:19:17 +01:00
Michael Kerrisk
f051ce24ac
network_namespaces.7: Reorganize text
...
No content changes...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-12-10 23:19:17 +01:00
Michael Kerrisk
2685b303e3
namespaces.7, network_namespaces.7: Move content from namespaces(7) to network_namespaces(7)
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-12-10 23:19:17 +01:00
Michael Kerrisk
9f7ce0c2e8
network_namespaces.7: New page describing network namespaces
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-12-10 23:19:17 +01:00
Michael Kerrisk
c4851a982b
veth.4: Add network_namespaces(7)
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-12-10 23:19:17 +01:00
Michael Kerrisk
4bf43ba523
pid_namespaces.7: SEE ALSO: add mount_namespaces(7)
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-12-08 10:13:42 +01:00
Michael Kerrisk
54b9d7bf87
user_namespaces.7: tfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-12-06 15:05:15 +01:00
Michael Kerrisk
e62172cbd9
capabilities.7: Rephrase CAP_SETPCAP description
...
* Mention kernel versions.
* Place current kernel behavior first
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-12-05 22:27:27 +01:00
G. Branden Robinson
777411ae61
iconv.1, pthread_rwlockattr_setkind_np.3, man-pages.7, socket.7, iconvconfig.8: Standardize on "nonzero"
...
Also add this term to the style guide in man-pages(7).
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-12-05 22:27:13 +01:00
John Hubbard
ffa518803e
mmap.2: MAP_FIXED is no longer discouraged
...
MAP_FIXED has been widely used for a very long time, yet the man
page still claims that "the use of this option is discouraged".
The documentation assumes that "less portable" == "must be discouraged".
Instead of discouraging something that is so useful and widely used,
change the documentation to explain its limitations better.
Signed-off-by: John Hubbard <jhubbard@nvidia.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-12-05 22:27:08 +01:00
roblabla
0f24751222
pthread_mutexattr_init.3: wfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-12-05 22:27:06 +01:00
Michael Kerrisk
e93e59f97b
capabilities.7: SECBIT_KEEP_CAPS is ignored if SECBIT_NO_SETUID_FIXUP is set
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-12-03 11:16:32 +01:00
Michael Kerrisk
e43d2a6013
capabilities.7: wfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-12-03 11:16:32 +01:00
Michael Kerrisk
02ff4f27c2
capabilities.7: Note which capability sets are affected by SECBIT_NO_SETUID_FIXUP
...
Note explicitly that SECBIT_NO_SETUID_FIXUP is relevant for
the permitted, effective, and ambient capability sets.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-12-03 11:16:19 +01:00
Michael Kerrisk
ae16c99d97
prctl.2: wfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-12-02 16:23:00 +01:00
Michael Kerrisk
7c8eb8f7cf
capabilities.7: Deemphasize the ancient prctl(2) PR_SET_KEEPCAPS command
...
The modern approach is SECBITS_KEEP_CAPS.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-12-02 16:21:37 +01:00
Michael Kerrisk
f7dbc40ee7
capabilities.7: Minor wording fix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-12-02 16:21:37 +01:00
Michael Kerrisk
0336144833
prctl.2: Defer to capabilities(7) for discussion of the "keep capabilities" flag
...
It makes no sense to describe this flag in two different
manual pages, so consolidate the description to one page.
Furthermore, the following statement that was in the prctl(2)
page is not correct:
A thread's effective capability set is always cleared
when such a credential change is made, regardless of
the setting of the "keep capabilities" flag.
The effective set is not cleared if, for example, the
credential sets were [ruid != 0, euid != 0, suid == 0]
and suid is switched to zero while the "keep capabilities"
flag is set.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-12-02 16:21:13 +01:00
Michael Kerrisk
705a8f33f1
capabilities.7: wfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-12-02 15:43:02 +01:00
Michael Kerrisk
bbb186d403
capabilities.7: Clarify which capability sets are effected by SECBIT_KEEP_CAPS
...
This flag has relevance only for the process permitted and
effective sets.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-12-02 15:40:39 +01:00
Michael Kerrisk
e67ac266c8
capabilities.7: wfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-12-02 15:08:52 +01:00
Michael Kerrisk
f6b60423bd
capabilities.7: Ambient set is also cleared when UIDs are set to nonzero value
...
See cap_emulate_setxuid():
kuid_t root_uid = make_kuid(old->user_ns, 0);
if ((uid_eq(old->uid, root_uid) ||
uid_eq(old->euid, root_uid) ||
uid_eq(old->suid, root_uid)) &&
(!uid_eq(new->uid, root_uid) &&
!uid_eq(new->euid, root_uid) &&
!uid_eq(new->suid, root_uid))) {
if (!issecure(SECURE_KEEP_CAPS)) {
cap_clear(new->cap_permitted);
cap_clear(new->cap_effective);
}
/*
* Pre-ambient programs expect setresuid to nonroot followed
* by exec to drop capabilities. We should make sure that
* this remains the case.
*/
cap_clear(new->cap_ambient);
}
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-12-02 11:08:40 +01:00
Michael Kerrisk
8e821c3aa8
user_namespaces.7: Mention NS_GET_OWNER_UID ioctl() operation
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-12-02 09:22:40 +01:00
Michael Kerrisk
a563b19b70
capabilities.7: wfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-12-02 09:12:07 +01:00
Michael Kerrisk
6dfb150c9f
seccomp.2: wfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-12-01 22:03:20 +01:00
Michael Kerrisk
b94c5c5a5b
seccomp.2: Clarify that SECCOMP_RET_TRAP SIGSYS signal is thread-directed
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-12-01 22:02:43 +01:00
Michael Kerrisk
3411d30b10
memfd_create.2: glibc support for memfd_create() was added in version 2.27
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-11-30 18:59:48 +01:00
Michael Kerrisk
39874d761d
mlock.2: glibc support for mlock2() is added in version 2.27
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-11-30 18:58:53 +01:00
Michael Kerrisk
072337de25
ldd.1: Minor wording fix + tfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-11-30 10:59:58 +01:00
Michael Kerrisk
b320d728f9
unshare.2: Clarify the EUSERS occurred only until kernel 4.8
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-11-29 17:18:35 +01:00
Michael Kerrisk
910d43452d
Changes.old: tfix
...
Reported-by: Andries E. Brouwer <Andries.Brouwer@cwi.nl>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-11-27 17:51:52 +01:00
Michael Kerrisk
8c71c67c21
Changes.old: Fixes for 4.14 changelog
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-11-27 17:49:50 +01:00
Michael Kerrisk
157fe4e334
Start of man-pages-4.15: updating Changes and Changes.old
2017-11-26 12:49:38 +01:00
Michael Kerrisk
70181c938f
Start of man-pages-4.15: updating .Announce and .lsm files
2017-11-26 12:49:37 +01:00
Michael Kerrisk
b8c73f3718
Start of man-pages-4.15: renaming .Announce and .lsm files
2017-11-26 12:49:37 +01:00
Michael Kerrisk
c69ba7e390
Ready for 4.14
2017-11-26 12:42:33 +01:00
Michael Kerrisk
c6688cd124
Removed trailing white space at end of lines
2017-11-26 12:42:22 +01:00
Michael Kerrisk
1c6f59c276
getpid.2, pipe.2, abort.3, daemon.3, pthread_yield.3, stdio.3, sysconf.3, tty.4, shells.5, sysfs.5, fifo.7, hier.7, icmp.7, path_resolution.7, pid_namespaces.7, standards.7: tstamp
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-11-26 12:38:46 +01:00
Michael Kerrisk
cd79b0c4ff
veth.4: Add missing license tags
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-11-26 12:36:20 +01:00
Michael Kerrisk
ed6235cff1
Changes: Ready for 4.14
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-11-26 12:21:32 +01:00
Michael Kerrisk
b0a36622df
Changes.old: wsfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-11-26 12:05:30 +01:00
Michael Kerrisk
d2414cb5a1
makedev.3: Minor fixes to Adrian Bunk's patch
...
Note glibc version where deprecation occurred.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-11-25 14:23:05 +01:00