aboutsummaryrefslogtreecommitdiffstats
path: root/man7/user_namespaces.7
AgeCommit message (Expand)AuthorFilesLines
2024-05-02man/, share/mk/: Move man*/ to man/Alejandro Colomar1-1469/+0
2024-02-25man*/: srcfixAlejandro Colomar1-1/+1
2023-10-31man*/: srcfix (Use .P instead of .PP or .LP)Alejandro Colomar1-60/+60
2023-05-03man*/, man.ignore.grep: srcfix; warn about blank linesAlejandro Colomar1-53/+53
2023-04-29man*/: ffixAlejandro Colomar1-8/+8
2023-04-05man*/: srcfixAlejandro Colomar1-1/+2
2023-04-01user_namespaces.7: Add note about PR_SET_DUMPABLE on nested usernsRodrigo Campos1-0/+17
2023-03-30man*/, man-pages.7: VERSIONS, STANDARDS, HISTORY: Reorganize sectionsAlejandro Colomar1-1/+1
2023-03-12man7/: ffixAlejandro Colomar1-1/+1
2023-02-05Many pages: Use \[bu] instead of \(buAlejandro Colomar1-29/+29
2023-02-05Many pages: Use \[ha] instead of \(haAlejandro Colomar1-2/+2
2023-02-05Many pages: Use \[em] instead of \(emAlejandro Colomar1-4/+4
2023-02-05Many pages: Use \[dq] instead of \(dqAlejandro Colomar1-11/+11
2023-02-05Many pages: Use \[aq] instead of \(aqAlejandro Colomar1-34/+34
2023-01-22user_namespaces.7: ffixAlejandro Colomar1-5/+5
2022-12-04user_namespaces.7: Add missing wordAlejandro Colomar1-2/+2
2022-12-04user_namespaces.7: ffixAlejandro Colomar1-1/+1
2022-12-04user_namespaces.7: wfixAlejandro Colomar1-2/+2
2022-12-04Many pages: wfixAlejandro Colomar1-1/+1
2022-10-30Many pages: Use correct letter case in page titles (TH)Alejandro Colomar1-1/+1
2022-10-29Many pages: Use a consistent style for listsAlejandro Colomar1-38/+38
2022-10-09dist.mk, All pages: .TH: Generate date at 'make dist'Alejandro Colomar1-1/+1
2022-10-09getent.1, iconv.1, intro.1, ldd.1, locale.1, localedef.1, memusage.1, memusag...Alejandro Colomar1-1/+1
2022-09-15Various pages: EXAMPLES: Use unsigned types for loop iteratorsAlex Colomar1-1/+1
2022-09-13Various pages: EXAMPLES: Use <err.h> functionsAlex Colomar1-10/+5
2022-09-09Revert "src.mk, All pages: Move man* to man/"Alejandro Colomar1-0/+1456
2022-09-05src.mk, All pages: Move man* to man/Alejandro Colomar1-1456/+0
2022-08-21All pages: Remove the 5th argument to .THAlejandro Colomar1-1/+1
2022-08-21All pages: Replace the 4th argument to .TH by "Linux man-pages (unreleased)"Alejandro Colomar1-1/+1
2022-07-29Many pages: Use STANDARDS instead of CONFORMING TOAlejandro Colomar1-1/+1
2022-03-20Many pages: Fix style issues reported by `make lint-groff`Alejandro Colomar1-63/+63
2022-02-25Various pages: [Linux-man-pages-copyleft] Use SPDX-License-IdentifierAlejandro Colomar1-21/+1
2021-08-27iconv.1, ldd.1, accept.2, access.2, add_key.2, arch_prctl.2, bpf.2, chmod.2, ...Michael Kerrisk1-1/+1
2021-08-19user_namespaces.7: Add a definition of "global root"Michael Kerrisk1-0/+6
2021-08-18user_namespaces.7: tfixMichael Kerrisk1-1/+1
2021-08-18user_namespaces.7: Document /proc/PID/projid_mapMichael Kerrisk1-0/+42
2021-08-18user_namespaces.7: Minor wording improvementMichael Kerrisk1-2/+2
2021-08-11user_namespaces.7: Improve description of the CAP_SETFCAP requirement when ma...Michael Kerrisk1-3/+39
2021-08-08capabilities.7, user_namespaces.7: Minor tweaks (part 2) to Kir Kolyshkin's p...Michael Kerrisk1-2/+2
2021-08-08capabilities.7, user_namespaces.7: Describe CAP_SETFCAPKir Kolyshkin1-0/+6
2021-08-07user_namespaces.7: Fix a reference to a kernel documentKir Kolyshkin1-1/+1
2021-03-22getent.1, ldd.1, locale.1, localedef.1, memusage.1, memusagestat.1, mtrace.1,...Michael Kerrisk1-1/+1
2021-03-21user_namespaces.7: CAP_SYS_ADMIN now allows mounting of overlayfs fileseystemsMichael Kerrisk1-0/+5
2021-01-21Various pages: use real minus signs in pathnamesMichael Kerrisk1-1/+1
2020-12-27user_namespaces.7: srcfix: remove redundant .PP after .SSMichael Kerrisk1-6/+0
2020-12-27bind.2, clone.2, dup.2, futex.2, mprotect.2, open_by_handle_at.2, pivot_root....Michael Kerrisk1-8/+8
2020-11-01memusage.1, pldd.1, sprof.1, add_key.2, bind.2, bpf.2, clone.2, dup.2, epoll_...Michael Kerrisk1-1/+1
2020-09-24pldd.1, bpf.2, clone.2, dup.2, ioctl_fat.2, nfsservctl.2, open_by_handle_at.2...Michael Kerrisk1-3/+3
2020-09-15add_key.2, clock_getres.2, clone.2, futex.2, getdents.2, getpid.2, getrlimit....Alejandro Colomar1-10/+13
2020-09-06user_namespaces.7: Remove unneeded castAlejandro Colomar1-1/+1
2020-09-05sprof.1, eventfd.2, execve.2, futex.2, getdents.2, mprotect.2, open_by_handle...Michael Kerrisk1-2/+2
2020-08-09pldd.1, bpf.2, execve.2, futex.2, ioctl_fat.2, ioctl_tty.2, keyctl.2, signalf...Michael Kerrisk1-2/+2
2020-06-09iconv.1, locale.1, memusage.1, memusagestat.1, pldd.1, sprof.1, _syscall.2, a...Michael Kerrisk1-1/+1
2020-06-09user_namespaces.7: Clarify "system time"Michael Kerrisk1-1/+1
2020-05-31Various pages: retitle EXAMPLE section heading to EXAMPLESMichael Kerrisk1-1/+1
2020-05-18Various pages: Add missing commas in SEE ALSO part IIKir Kolyshkin1-1/+1
2020-04-27user_namespaces.7: tfixJakub Wilk1-1/+1
2020-04-22user_namespaces.7: wfix: Improve wording in discussion of resetting of 'secur...Michael Kerrisk1-4/+7
2020-04-22user_namespaces.7: tfixMichael Kerrisk1-1/+1
2019-08-26user_namespaces.7: tfixMarko Myllynen1-1/+1
2019-08-20user_namespaces.7: Improve explanation of meaning of ownership of nonuser na...Michael Kerrisk1-2/+3
2019-08-02pldd.1, bpf.2, chdir.2, clone.2, fanotify_init.2, fanotify_mark.2, intro.2, i...Michael Kerrisk1-1/+1
2019-07-02user_namespaces.7: Minor rewordings of recently added textMichael Kerrisk1-2/+3
2019-07-02user_namespaces.7: Minor wording fix to recently added textMichael Kerrisk1-2/+2
2019-07-01user_namespaces.7: Describe the effect of file-related capabilities inside us...Michael Kerrisk1-0/+36
2019-07-01user_namespaces.7: Describe how kernel treats UIDs/GIDs when a process access...Michael Kerrisk1-0/+11
2019-05-18user_namespaces.7: wfixMichael Kerrisk1-1/+1
2019-03-06getent.1, iconv.1, ldd.1, locale.1, localedef.1, memusage.1, memusagestat.1, ...Michael Kerrisk1-1/+1
2019-02-27locale.1, memusage.1, pldd.1, _syscall.2, add_key.2, bind.2, bpf.2, chown.2, ...Michael Kerrisk1-35/+35
2019-02-27locale.7, user_namespaces.7: ffixMichael Kerrisk1-1/+1
2018-11-09user_namespaces.7: tfixJakub Wilk1-1/+1
2018-11-02user_namespaces.7: ffixMichael Kerrisk1-0/+1
2018-10-31user_namespaces.7: wfixMichael Kerrisk1-3/+3
2018-10-31user_namespaces.7: Rework terminology describing ownership of nonuser namespacesMichael Kerrisk1-8/+9
2018-08-18user_namespaces.7: wfixLucas Werkmeister1-1/+1
2018-02-23user_namespaces.7: wfixMichael Kerrisk1-1/+1
2018-02-02iconv.1, bpf.2, copy_file_range.2, fcntl.2, memfd_create.2, mlock.2, mount.2,...Michael Kerrisk1-1/+1
2017-12-06user_namespaces.7: tfixMichael Kerrisk1-1/+1
2017-12-02user_namespaces.7: Mention NS_GET_OWNER_UID ioctl() operationMichael Kerrisk1-0/+6
2017-11-19user_namespaces.7: tfixMichael Kerrisk1-1/+1
2017-11-19user_namespaces.7: Restore historical details about UID mapsMichael Kerrisk1-1/+6
2017-11-19user_namespaces.7: Document new 340 line idmap limitChristian Brauner1-5/+2
2017-10-20capget.2, fanotify_init.2, fcntl.2, ioctl_tty.2, madvise.2, mbind.2, prctl.2,...Michael Kerrisk1-1/+1
2017-09-15iconv.1, ldd.1, locale.1, localedef.1, memusage.1, memusagestat.1, mtrace.1, ...Michael Kerrisk1-1/+1
2017-08-19execve.2, ioctl_console.2, ioctl_iflags.2, ioctl_ns.2, ioctl_userfaultfd.2, k...Michael Kerrisk1-12/+12
2017-08-18aio.7, arp.7, attributes.7, boot.7, cgroups.7, cpuset.7, credentials.7, fanot...Michael Kerrisk1-47/+47
2017-08-18dir_colors.5, feature_test_macros.7, glob.7, ip.7, ipv6.7, man-pages.7, man.7...Michael Kerrisk1-1/+1
2017-08-16memusage.1, clone.2, eventfd.2, futex.2, getdents.2, ioctl_fat.2, ioctl_ns.2,...Michael Kerrisk1-2/+2
2017-05-03_exit.2, alarm.2, chmod.2, clone.2, epoll_ctl.2, fcntl.2, fork.2, fsync.2, ge...Michael Kerrisk1-1/+1
2017-05-03user_namespaces.7: Fixes to exampleStephan Bergmann1-16/+17
2017-01-09pid_namespaces.7, user_namespaces.7: Adjust references to namespaces(7) to io...Michael Kerrisk1-2/+2
2016-12-27user_namespaces.7: Change page cross reference: keyctl(2) ==> keyrings(7)Michael Kerrisk1-1/+1
2016-12-12bind.2, chmod.2, chown.2, chroot.2, clock_getres.2, clone.2, connect.2, dup.2...Michael Kerrisk1-1/+1
2016-12-12mount_namespaces.7, user_namespaces.7: Migrate subsection on mount restrictio...Michael Kerrisk1-65/+0
2016-12-12user_namespaces.7: Add reference to namespaces(7) for NS_GET_USERNS operationMichael Kerrisk1-0/+7
2016-12-12user_namespaces.7: Add reference to namespaces(7) for NS_GET_PARENT operationMichael Kerrisk1-0/+7
2016-12-11user_namespaces.7: ffixMichael Kerrisk1-5/+5
2016-11-11user_namespaces.7: wfixMichael Kerrisk1-1/+1
2016-11-07fallocate.2, fcntl.2, lseek.2, madvise.2, memfd_create.2, mmap.2, remap_file_...Michael Kerrisk1-1/+1
2016-10-31user_namespaces.7: srcfixMichael Kerrisk1-1/+0
2016-10-07getrusage.2, madvise.2, memfd_create.2, mlock.2, mount.2, getauxval.3, core.5...Michael Kerrisk1-1/+1
2016-08-08user_namespaces.7: tfixMichael Kerrisk1-1/+1
2016-08-08user_namespaces.7: Fix order of SEE ALSO entriesMichael Kerrisk1-2/+2
2016-07-17ldd.1, localedef.1, add_key.2, chroot.2, clone.2, fork.2, futex.2, get_mempol...Michael Kerrisk1-1/+1
2016-07-07user_namespaces.7: Clarify details of CAP_SYS_ADMIN and cgroup v1 mountsMichael Kerrisk1-1/+5
2016-07-07user_namespaces.7: wfixMichael Kerrisk1-1/+1
2016-06-30user_namespaces.7: Correct kernel version where XFS added support for user na...Michael Kerrisk1-1/+1
2016-06-29user_namespaces.7: SEE ALSO: add ptrace(2)Michael Kerrisk1-0/+1
2016-06-26user_namespaces.7: Correct user namespace rules for mounting /procMichael Kerrisk1-1/+9
2016-06-26user_namespaces.7: CAP_SYS_ADMIN allows mounting cgroup filesystemsMichael Kerrisk1-0/+6
2016-06-26user_namespaces.7: Clarify CAP_SYS_ADMIN details for mounting FS_USERNS_MOUNT...Michael Kerrisk1-2/+3
2016-06-21user_namespaces.7: List the mount operations permitted by CAP_SYS_ADMINMichael Kerrisk1-0/+38
2016-06-21user_namespaces.7: Add a subsection heading for effects of capabilities in us...Michael Kerrisk1-1/+5
2016-06-21user_namespaces.7: Clarify meaning of privilege in a user namespaceMichael Kerrisk1-3/+18
2016-06-21user_namespaces.7: SEE ALSO: add cgroup_namespaces(7)Michael Kerrisk1-0/+1
2016-06-21user_namespaces.7: Describe a concrete example of capability checkingMichael Kerrisk1-0/+9
2016-06-21user_namespaces.7: Minor wording fixMichael Kerrisk1-2/+2
2016-06-21user_namespaces.7: wfix: reword a long, difficult to understand sentenceMichael Kerrisk1-5/+5
2015-09-13user_namespaces.7: tfixMike Frysinger1-1/+1
2015-03-29Removed trailing white space at end of linesMichael Kerrisk1-1/+1
2015-03-29intro.1, ldd.1, clone.2, getgroups.2, getpid.2, getsockopt.2, ioctl_list.2, m...Michael Kerrisk1-1/+1
2015-03-09user_namespaces.7: Minor tweak to order of "setgroups" textMichael Kerrisk1-7/+7
2015-03-07user_namespaces.7: Tweaks to /proc/PID/setgroups textMichael Kerrisk1-4/+8
2015-03-06user_namespaces.7: wfixMichael Kerrisk1-1/+1
2015-03-06user_namespaces.7: wfixMichael Kerrisk1-1/+2
2015-03-06user_namespaces.7: wfixMichael Kerrisk1-1/+1
2015-03-06user_namespaces.7: tfixMichael Kerrisk1-1/+1
2015-03-06user_namespaces.7: wfixMichael Kerrisk1-2/+2
2015-03-06user_namespaces.7: ffixMichael Kerrisk1-1/+3
2015-03-04user_namespaces.7: wspfixMichael Kerrisk1-0/+1
2015-03-04user_namespaces.7: Handle /proc/PID/setgroups in the example programMichael Kerrisk1-7/+46
2015-03-04user_namespaces.7: Explain why the /proc/PID/setgroups file was addedMichael Kerrisk1-0/+39
2015-03-04user_namespaces.7: Rework test describing restrictions on updating /proc/PID/...Michael Kerrisk1-8/+14
2015-03-04user_namespaces.7: Rework some text describing permission rules for updating ...Michael Kerrisk1-12/+27
2015-03-04proc.5, user_namespaces.7: Migrate description of /proc/PID/setgroups to user...Michael Kerrisk1-3/+92
2015-03-04user_namespaces.7: srcfix: FIXMEMichael Kerrisk1-0/+7
2015-03-04user_namespaces.7: wfixMichael Kerrisk1-1/+1
2015-03-04user_namespaces.7: Some tweaks to Eric Biederman's patchMichael Kerrisk1-28/+39
2015-03-04user_namespaces.7: Update the documentation to reflect the fixes for negative...Eric W. Biederman1-3/+49
2015-03-03user_namespaces.7: wfixMichael Kerrisk1-1/+1
2015-03-03user_namespaces.7: Update kernel version associated with 5-line limit for map...Michael Kerrisk1-1/+1
2015-03-02user_namespaces.7: tfixMichael Kerrisk1-2/+2
2015-01-16user_namespaces.7: tfixMichael Kerrisk1-1/+1
2014-12-30user_namespaces(7): tfixMike Frysinger1-2/+2
2014-11-11user_namespaces(7): tfix: drop spurious underlineMike Frysinger1-1/+1
2014-09-21Removed trailing white space at end of linesMichael Kerrisk1-4/+4
2014-09-21clone.2, flock.2, getpid.2, getunwind.2, mount.2, reboot.2, semop.2, seteuid....Michael Kerrisk1-1/+1
2014-09-16namespaces.7, pid_namespaces.7, user_namespaces.7: srcfix: Add LICENSE_START tagMichael Kerrisk1-0/+2
2014-09-14user_namespaces.7: spfixMichael Kerrisk1-3/+3
2014-09-14user_namespaces.7: wfixMichael Kerrisk1-1/+1
2014-09-14user_namespaces.7: Clarify the meaning of "Mounts that come as a single unit"Eric W. Biederman1-0/+7
2014-09-14user_namespaces.7: Additions from Andy LutomirskiMichael Kerrisk1-0/+6
2014-09-14user_namespaces.7: Improvements from Andy LutomirskiMichael Kerrisk1-3/+15
2014-09-13user_namespaces.7: Add "Restrictions on mount namespaces" sectionEric W. Biederman1-2/+61
2014-09-13user_namespaces.7: Only single-threaded processes can join another user names...Michael Kerrisk1-1/+1
2014-09-13user_namespaces.7: Improve discussion of handling of capabilities during exec...Serge E. Hallyn1-2/+4
2014-09-13user_namespaces.7: srcfixMichael Kerrisk1-1/+1
2014-09-13user_namespaces.7: Say a little less about execve(2) and user ID mappingsMichael Kerrisk1-6/+1
2014-09-13user_namespaces.7: srcfixMichael Kerrisk1-1/+0
2014-09-13user_namespaces.7: Note that user namespaces isolate the root directoryMichael Kerrisk1-1/+4
2014-09-13user_namespaces.7: XFS support for user namespaces was added in Linux 3.11Michael Kerrisk1-1/+3
2014-09-13user_namespaces.7: Rework text on filesystem support for user namespacesMichael Kerrisk1-5/+7
2014-09-13user_namespaces.7: srcfixMichael Kerrisk1-0/+3
2014-09-13user_namespaces.7: Remove a confused sentenceMichael Kerrisk1-5/+0
2014-09-13user_namespaces.7: Document maximum nesting depth for user namespacesMichael Kerrisk1-0/+11
2014-09-13user_namespaces.7: Minor tweaks to example programMichael Kerrisk1-5/+6
2014-09-13clone.2, namespaces.7, pid_namespaces.7, user_namespaces.7: wfix "file system...Michael Kerrisk1-5/+5
2014-09-13user_namespaces.7: Remove discussion of flags that can't be used with CLONE_N...Michael Kerrisk1-31/+0
2014-09-13user_namespaces.7: Document restrictions on CLONE_NEWUSER with other CLONE_* ...Michael Kerrisk1-0/+31
2014-09-13user_namespaces.7: srcfixMichael Kerrisk1-1/+3
2014-09-13user_namespaces.7: Move discussion of availability of user namespaces to NOTESMichael Kerrisk1-14/+14
2014-09-13user_namespaces.7: SEE ALSO: add newgidmap(1), newuidmap(1), subgid(5), subui...Michael Kerrisk1-0/+4
2014-09-13user_namespaces.7: execve(2) will drop capabilities unless the caller's UID m...Michael Kerrisk1-0/+11
2014-09-13user_namespaces.7: wfixMichael Kerrisk1-2/+2
2014-09-13user_namespaces.7: Some subsystems don't support user namespaces in some kern...Michael Kerrisk1-0/+10
2014-09-13user_namespaces.7: srcfix: Add FIXMEMichael Kerrisk1-0/+2
2014-09-13user_namespaces.7: Minor fixes in various placesMichael Kerrisk1-12/+11
2014-09-13user_namespaces.7: srcfixMichael Kerrisk1-1/+0
2014-09-13user_namespaces.7: tfixMichael Kerrisk1-1/+1
2014-09-13user_namespaces.7: Clarify some capabilities detailsMichael Kerrisk1-4/+9
2014-09-13user_namespaces.7: Note treatment of "securebits" flagsMichael Kerrisk1-1/+28
2014-09-13user_namespaces.7: wfixMichael Kerrisk1-1/+1
2014-09-13user_namespaces.7: Rewrote and reorganized various piecesMichael Kerrisk1-52/+101
2014-09-13user_namespaces.7: wfixMichael Kerrisk1-2/+2
2014-09-13user_namespaces.7: SEE ALSO: remove unshare(1) (which is mentioned in namespa...Michael Kerrisk1-1/+0
2014-09-13user_namespaces.7: Clarify that the child of clone() gets all privileges in n...Michael Kerrisk1-4/+11
2014-09-13user_namespaces.7: Add reference to Documentation/namespaces/resource-control...Michael Kerrisk1-0/+4
2014-09-13user_namespaces.7: Further reworking of text on nested namespaces and capabil...Michael Kerrisk1-14/+19
2014-09-13user_namespaces.7: Relocate text on capabilities of initial process in usernsMichael Kerrisk1-12/+11
2014-09-13user_namespaces.7: Explain uid_map and gid_map in the initial user namespaceMichael Kerrisk1-0/+21
2014-09-13user_namespaces.7: Add more detail on unmapped UIDs and GIDs exposed to user ...Michael Kerrisk1-2/+64
2014-09-13user_namespaces.7: Reorganize various pieces of DESCRIPTIONMichael Kerrisk1-52/+45
2014-09-13user_namespaces.7: Remove duplicated text on EPERM + mapping required in pare...Michael Kerrisk1-10/+0
2014-09-13user_namespaces.7: Move a misplaced rule re writing to map filesMichael Kerrisk1-3/+3
2014-09-13user_namespaces.7: Add an example programMichael Kerrisk1-1/+333
2014-09-13user_namespaces.7: Linux 3.9 provides a better implementation of nonoverlappi...Michael Kerrisk1-3/+7
2014-09-13user_namespaces.7: Clarify discussion on privileges of child after clone() by...Michael Kerrisk1-6/+5
2014-09-13user_namespaces.7: Clarify that rules for writing to map files also apply to ...Michael Kerrisk1-3/+11
2014-09-13user_namespaces.7: wfixMichael Kerrisk1-1/+1
2014-09-13user_namespaces.7: srcfixMichael Kerrisk1-11/+11
generated by cgit 1.2.3-korg (git 2.43.0) at 2025-07-04 05:25:04 +0000