2304b0d740
user_namespaces.7: Add a subsection heading for effects of capabilities in user NS
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-21 13:55:07 +02:00
89070c1a7c
user_namespaces.7: Clarify meaning of privilege in a user namespace
...
Having privilege in a user NS only allows privileged
operations on resources governed by that user NS. Many
privileged operations relate to resources that have no
association with any namespace type, and only processes
with privilege in the initial user NS can perform those
operations.
See https://bugzilla.kernel.org/show_bug.cgi?id=120671
Reported-by: Michał Zegan <webczat_200@poczta.onet.pl>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-21 10:48:43 +02:00
61256f9f75
cgroup_namespaces.7: tfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-21 10:25:38 +02:00
3afb0c6a8e
user_namespaces.7: SEE ALSO: add cgroup_namespaces(7)
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-21 10:25:14 +02:00
7ea1c45ebd
user_namespaces.7: Describe a concrete example of capability checking
...
Add a concrete example of how the kernel checks capabilities in
an associated user namespace when a process attempts a privileged
operation.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-21 10:25:14 +02:00
06999763ba
user_namespaces.7: Minor wording fix
...
Avoid listing all namespace types in a couple of places,
since such a list is subject to bit rot as the number
of namespace types grows.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-21 10:25:14 +02:00
a3969b76b9
user_namespaces.7: wfix: reword a long, difficult to understand sentence
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-21 10:25:14 +02:00
0a66259f35
netlink.7: wfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-20 15:21:30 +02:00
6cab1c1f5f
netlink.7: Rework version information
...
(No changes in technical details.)
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-20 15:21:30 +02:00
813d922024
cgroups.7: wfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-20 15:21:30 +02:00
2a7b88affd
kcmp.2: tfix
...
Signed-off-by: Jakub Wilk <jwilk@jwilk.net>
2016-06-20 15:21:30 +02:00
7f98a23983
unix.7: Update text on socket permissions on other systems
...
At least some of the modern BSDs seem to check for write
permission on a socket. (I tested OpenBSD 5.9.) On Solaris 10,
some light testing suggested that write permission is still
not checked on that system.
See https://bugzilla.kernel.org/show_bug.cgi?id=120061 (and
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-1999-1402 )
Reported-by: Carsten Grohmann <carstengrohmann@gmx.de>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-20 15:21:30 +02:00
44cca454d2
unix.7: Note that umask / permissions have no effect for abstract sockets
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-20 14:08:31 +02:00
d1875c13fc
unix.7: Move some abstract socket details to a separate subsection
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-20 14:08:31 +02:00
9f213833a4
unix.7: Move discussion on pathname socket permissions to DESCRIPTION
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-20 14:08:31 +02:00
b2bbcdb6ac
unix.7: Minor wording fixes
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-20 14:08:30 +02:00
9574e8b061
unix.7: Note that abstract sockets automatically disappear when FDs are closed
...
Added after I ran across this question:
http://unix.stackexchange.com/questions/216784/does-linux-automatically-clean-up-abstract-domain-sockets
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-20 14:08:30 +02:00
89657ef57d
unix.7: Minor wording fix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-20 14:08:30 +02:00
00b78c5fda
unix.7: Clarify ownership and permissions assigned during socket creation
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-20 14:08:22 +02:00
7578ea2f85
unix.7: Expand discussion of socket permissions
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-20 14:00:37 +02:00
ce552c68fb
unix.7: Enhance statement about changing sockets ownership and permissions
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-20 14:00:37 +02:00
b1ef409dc7
unix.7: Fix statement about permissions needed to connect to a UNIX doain socket
...
Read permission is not required (verified by experiment).
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-20 14:00:37 +02:00
820758df1a
unix.7: grfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-20 14:00:37 +02:00
bfb9c7c014
getaddrinfo_a.3: srcfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-20 14:00:37 +02:00
67c7e1d53d
getaddrinfo_a.3: srcfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-20 14:00:37 +02:00
31cc838703
getunwind.2, prctl.2, aio_suspend.3, setenv.3: srcfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-20 14:00:37 +02:00
616c2730de
remap_file_pages.2, sigaltstack.2, umask.2, wait4.2, basename.3, canonicalize_file_name.3, dlerror.3, dlopen.3, dlsym.3, sockatmark.3, strtok.3: srcfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-20 14:00:37 +02:00
cd2c21a021
cacos.3, cacosh.3, catan.3, catanh.3: srcfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-20 14:00:37 +02:00
83825f79d7
setns.2: srcfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-20 14:00:37 +02:00
36f99b9242
getauxval.3: tfix
...
Fix typo. It's supposed to be "its" not "it's" in this context.
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
2016-06-15 22:53:03 +02:00
bf56400c13
locale.5: Adjust conformance
...
Since we now know that glibc does not support all the keywords
mentioned in ISO/IEC TR 14652 [1] and in general glibc aims to
be conforming to POSIX first and foremost, I think it's best
just to drop the reference to ISO/IEC TR 14652 from the man page.
1) http://www.open-std.org/jtc1/SC22/WG20/docs/n972-14652ft.pdf
After this I think the locale related man pages are finally as
complete as they need to be.
2016-06-14 18:36:41 +02:00
74e03e909c
locale.5: Document missing keywords, minor updates
...
Cross-checked the current locale.5 page against glibc locales and
fixed the following issues:
- mention define/ifdef/else/endif
- mention reorder-sections-{after,end}
- mention script
- section/section-symbol are not used, only mentioned in the ISO TR
- Fix int_currency_symbol -> int_curr_symbol typo
- few formatting fixes
2016-06-14 18:35:47 +02:00
28ad474d15
charmap.5: Clarify keyword syntax
...
Updates charmap(5) to match the syntax all the glibc
charmap files are using currently.
2016-06-14 18:35:47 +02:00
8f2929107b
locale.5, repertoiremap.5: Clarify keyword syntax
...
All the glibc locale/repertoiremap files use the format described
in the patch. The fix is trivial (and adds an example just in
case), I presume these were copypasted from charmaps.5 page, all
the glibc charmaps use slightly different format for keywords
(I'll send a separate patch to address charmaps.5 next).
2016-06-14 18:35:47 +02:00
dd4d803910
netlink.7: srcfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-12 13:17:46 +02:00
376db9a14e
netlink.7: srcfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-12 13:13:46 +02:00
6c5a6b2cf3
netlink.7: tfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-12 13:03:58 +02:00
319a5cb81a
netlink.7: srcfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-12 13:03:58 +02:00
67d0dc132c
netlink.7: Describe netlink socket options
...
Cc: Kir Kolyshkin <kir@openvz.org>
Cc: Michael Kerrisk <mtk.manpages@gmail.com>
Cc: Herbert Xu <herbert@gondor.apana.org.au>
Cc: Patrick McHardy <kaber@trash.net>
Cc: Christophe Ricard <christophe.ricard@gmail.com>
Cc: Nicolas Dichtel <nicolas.dichtel@6wind.com>
Signed-off-by: Andrey Vagin <avagin@openvz.org>
2016-06-12 13:01:20 +02:00
b1bf905af6
localedef.1: Drop --old-style description
...
The glibc upstream decided to drop localedef(1) --old-style
option [1] altogether, I think we can do the same with
localedef(1), the option hasn't done anything in over 16
years and I doubt anyone uses it.
1) https://sourceware.org/git/?p=glibc.git;a=commit;h=6a54bcda7a2a64e465992a9984785443fd594743
2016-06-12 12:47:33 +02:00
43a9c0831c
kcmp.2: Minor wording fix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-11 12:18:43 +02:00
7575dbc507
namespaces.7: wfix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-11 11:32:47 +02:00
c1f78aba44
prctl.2: Refer reader to discussion of /proc/[pid]/timerslack_ns
...
Under discussion of PR_SET_TIMERSLACK, refer the reader to
the /proc/[pid]/timerslack_ns file, documented in proc(5).
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-11 10:58:45 +02:00
11f6014270
proc.5: Document /proc/[pid]/timerslack_ns
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-11 10:56:43 +02:00
6e558a81b8
feature_test_macros.7: Emphasize that applications should not directly include <features.h>
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-10 16:47:25 +02:00
74b807b4d0
bdflush.2: ffix
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-10 16:28:25 +02:00
a1476a498c
malloc_hook.3: glibc 2.24 removes __malloc_initialize_hook
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-10 16:26:53 +02:00
49c3367cce
ioctl.2: SEE ALSO: add ioctl_fideduperange(2) and ioctl_ficlonerange(2)
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-09 22:12:34 +02:00
3780f8a5e5
prctl.2: Some wording improvements in timer slack description
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-09 22:12:34 +02:00
6de48cdf60
regex.3: Minor fix to 'info libc' regex reference
...
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-06-09 22:12:34 +02:00
Michael Kerrisk