Michael Kerrisk
2304b0d740
user_namespaces.7: Add a subsection heading for effects of capabilities in user NS
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-21 13:55:07 +02:00
Michael Kerrisk
89070c1a7c
user_namespaces.7: Clarify meaning of privilege in a user namespace
...
Having privilege in a user NS only allows privileged
operations on resources governed by that user NS. Many
privileged operations relate to resources that have no
association with any namespace type, and only processes
with privilege in the initial user NS can perform those
operations.
See https://bugzilla.kernel.org/show_bug.cgi?id=120671
Reported-by: Michał Zegan <webczat_200@poczta.onet.pl>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-21 10:48:43 +02:00
Michael Kerrisk
61256f9f75
cgroup_namespaces.7: tfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-21 10:25:38 +02:00
Michael Kerrisk
3afb0c6a8e
user_namespaces.7: SEE ALSO: add cgroup_namespaces(7)
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-21 10:25:14 +02:00
Michael Kerrisk
7ea1c45ebd
user_namespaces.7: Describe a concrete example of capability checking
...
Add a concrete example of how the kernel checks capabilities in
an associated user namespace when a process attempts a privileged
operation.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-21 10:25:14 +02:00
Michael Kerrisk
06999763ba
user_namespaces.7: Minor wording fix
...
Avoid listing all namespace types in a couple of places,
since such a list is subject to bit rot as the number
of namespace types grows.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-21 10:25:14 +02:00
Michael Kerrisk
a3969b76b9
user_namespaces.7: wfix: reword a long, difficult to understand sentence
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-21 10:25:14 +02:00
Michael Kerrisk
0a66259f35
netlink.7: wfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-20 15:21:30 +02:00
Michael Kerrisk
6cab1c1f5f
netlink.7: Rework version information
...
(No changes in technical details.)
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-20 15:21:30 +02:00
Michael Kerrisk
813d922024
cgroups.7: wfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-20 15:21:30 +02:00
Jakub Wilk
2a7b88affd
kcmp.2: tfix
...
Signed-off-by: Jakub Wilk <jwilk@jwilk.net>
2016-06-20 15:21:30 +02:00
Michael Kerrisk
7f98a23983
unix.7: Update text on socket permissions on other systems
...
At least some of the modern BSDs seem to check for write
permission on a socket. (I tested OpenBSD 5.9.) On Solaris 10,
some light testing suggested that write permission is still
not checked on that system.
See https://bugzilla.kernel.org/show_bug.cgi?id=120061 (and
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-1999-1402 )
Reported-by: Carsten Grohmann <carstengrohmann@gmx.de>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-20 15:21:30 +02:00
Michael Kerrisk
44cca454d2
unix.7: Note that umask / permissions have no effect for abstract sockets
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-20 14:08:31 +02:00
Michael Kerrisk
d1875c13fc
unix.7: Move some abstract socket details to a separate subsection
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-20 14:08:31 +02:00
Michael Kerrisk
9f213833a4
unix.7: Move discussion on pathname socket permissions to DESCRIPTION
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-20 14:08:31 +02:00
Michael Kerrisk
b2bbcdb6ac
unix.7: Minor wording fixes
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-20 14:08:30 +02:00
Michael Kerrisk
9574e8b061
unix.7: Note that abstract sockets automatically disappear when FDs are closed
...
Added after I ran across this question:
http://unix.stackexchange.com/questions/216784/does-linux-automatically-clean-up-abstract-domain-sockets
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-20 14:08:30 +02:00
Michael Kerrisk
89657ef57d
unix.7: Minor wording fix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-20 14:08:30 +02:00
Michael Kerrisk
00b78c5fda
unix.7: Clarify ownership and permissions assigned during socket creation
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-20 14:08:22 +02:00
Michael Kerrisk
7578ea2f85
unix.7: Expand discussion of socket permissions
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-20 14:00:37 +02:00
Michael Kerrisk
ce552c68fb
unix.7: Enhance statement about changing sockets ownership and permissions
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-20 14:00:37 +02:00
Michael Kerrisk
b1ef409dc7
unix.7: Fix statement about permissions needed to connect to a UNIX doain socket
...
Read permission is not required (verified by experiment).
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-20 14:00:37 +02:00
Michael Kerrisk
820758df1a
unix.7: grfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-20 14:00:37 +02:00
Michael Kerrisk
bfb9c7c014
getaddrinfo_a.3: srcfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-20 14:00:37 +02:00
Michael Kerrisk
67c7e1d53d
getaddrinfo_a.3: srcfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-20 14:00:37 +02:00
Michael Kerrisk
31cc838703
getunwind.2, prctl.2, aio_suspend.3, setenv.3: srcfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-20 14:00:37 +02:00
Michael Kerrisk
616c2730de
remap_file_pages.2, sigaltstack.2, umask.2, wait4.2, basename.3, canonicalize_file_name.3, dlerror.3, dlopen.3, dlsym.3, sockatmark.3, strtok.3: srcfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-20 14:00:37 +02:00
Michael Kerrisk
cd2c21a021
cacos.3, cacosh.3, catan.3, catanh.3: srcfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-20 14:00:37 +02:00
Michael Kerrisk
83825f79d7
setns.2: srcfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-20 14:00:37 +02:00
Tobias Stoeckmann
36f99b9242
getauxval.3: tfix
...
Fix typo. It's supposed to be "its" not "it's" in this context.
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
2016-06-15 22:53:03 +02:00
Marko Myllynen
bf56400c13
locale.5: Adjust conformance
...
Since we now know that glibc does not support all the keywords
mentioned in ISO/IEC TR 14652 [1] and in general glibc aims to
be conforming to POSIX first and foremost, I think it's best
just to drop the reference to ISO/IEC TR 14652 from the man page.
1) http://www.open-std.org/jtc1/SC22/WG20/docs/n972-14652ft.pdf
After this I think the locale related man pages are finally as
complete as they need to be.
2016-06-14 18:36:41 +02:00
Marko Myllynen
74e03e909c
locale.5: Document missing keywords, minor updates
...
Cross-checked the current locale.5 page against glibc locales and
fixed the following issues:
- mention define/ifdef/else/endif
- mention reorder-sections-{after,end}
- mention script
- section/section-symbol are not used, only mentioned in the ISO TR
- Fix int_currency_symbol -> int_curr_symbol typo
- few formatting fixes
2016-06-14 18:35:47 +02:00
Marko Myllynen
28ad474d15
charmap.5: Clarify keyword syntax
...
Updates charmap(5) to match the syntax all the glibc
charmap files are using currently.
2016-06-14 18:35:47 +02:00
Marko Myllynen
8f2929107b
locale.5, repertoiremap.5: Clarify keyword syntax
...
All the glibc locale/repertoiremap files use the format described
in the patch. The fix is trivial (and adds an example just in
case), I presume these were copypasted from charmaps.5 page, all
the glibc charmaps use slightly different format for keywords
(I'll send a separate patch to address charmaps.5 next).
2016-06-14 18:35:47 +02:00
Michael Kerrisk
dd4d803910
netlink.7: srcfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-12 13:17:46 +02:00
Michael Kerrisk
376db9a14e
netlink.7: srcfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-12 13:13:46 +02:00
Michael Kerrisk
6c5a6b2cf3
netlink.7: tfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-12 13:03:58 +02:00
Michael Kerrisk
319a5cb81a
netlink.7: srcfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-12 13:03:58 +02:00
Andrey Vagin
67d0dc132c
netlink.7: Describe netlink socket options
...
Cc: Kir Kolyshkin <kir@openvz.org>
Cc: Michael Kerrisk <mtk.manpages@gmail.com>
Cc: Herbert Xu <herbert@gondor.apana.org.au>
Cc: Patrick McHardy <kaber@trash.net>
Cc: Christophe Ricard <christophe.ricard@gmail.com>
Cc: Nicolas Dichtel <nicolas.dichtel@6wind.com>
Signed-off-by: Andrey Vagin <avagin@openvz.org>
2016-06-12 13:01:20 +02:00
Marko Myllynen
b1bf905af6
localedef.1: Drop --old-style description
...
The glibc upstream decided to drop localedef(1) --old-style
option [1] altogether, I think we can do the same with
localedef(1), the option hasn't done anything in over 16
years and I doubt anyone uses it.
1) https://sourceware.org/git/?p=glibc.git;a=commit;h=6a54bcda7a2a64e465992a9984785443fd594743
2016-06-12 12:47:33 +02:00
Michael Kerrisk
43a9c0831c
kcmp.2: Minor wording fix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-11 12:18:43 +02:00
Michael Kerrisk
7575dbc507
namespaces.7: wfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-11 11:32:47 +02:00
Michael Kerrisk
c1f78aba44
prctl.2: Refer reader to discussion of /proc/[pid]/timerslack_ns
...
Under discussion of PR_SET_TIMERSLACK, refer the reader to
the /proc/[pid]/timerslack_ns file, documented in proc(5).
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-11 10:58:45 +02:00
Michael Kerrisk
11f6014270
proc.5: Document /proc/[pid]/timerslack_ns
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-11 10:56:43 +02:00
Michael Kerrisk
6e558a81b8
feature_test_macros.7: Emphasize that applications should not directly include <features.h>
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-10 16:47:25 +02:00
Michael Kerrisk
74b807b4d0
bdflush.2: ffix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-10 16:28:25 +02:00
Michael Kerrisk
a1476a498c
malloc_hook.3: glibc 2.24 removes __malloc_initialize_hook
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-10 16:26:53 +02:00
Michael Kerrisk
49c3367cce
ioctl.2: SEE ALSO: add ioctl_fideduperange(2) and ioctl_ficlonerange(2)
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-09 22:12:34 +02:00
Michael Kerrisk
3780f8a5e5
prctl.2: Some wording improvements in timer slack description
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-09 22:12:34 +02:00
Michael Kerrisk
6de48cdf60
regex.3: Minor fix to 'info libc' regex reference
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-09 22:12:34 +02:00