Document checks performed by newgidmap/newuidmap
authorNicolas François <nicolas.francois@centraliens.net>
Tue, 13 Aug 2013 17:38:41 +0000 (19:38 +0200)
committerNicolas François <nicolas.francois@centraliens.net>
Tue, 13 Aug 2013 17:38:41 +0000 (19:38 +0200)
* man/newgidmap.1.xml: Document the checks performed before
setting the mapping in /proc.
* man/newuidmap.1.xml: Likewise.

ChangeLog
man/newgidmap.1.xml
man/newuidmap.1.xml

index 74de2e599b4a058fbda626c3f29650d7c531791e..c966957d6a8b6d741a73b7310b424f7eb725bcc2 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,9 @@
+2013-08-13  Nicolas François  <nicolas.francois@centraliens.net>
+
+       * man/newgidmap.1.xml: Document the checks performed before
+       setting the mapping in /proc.
+       * man/newuidmap.1.xml: Likewise.
+
 2013-08-13  Nicolas François  <nicolas.francois@centraliens.net>
 
        * libmisc/idmapping.h: Document what the upper and lower fields
index 725dcd6047a012235063cc54a9142ee627bc06fb..1e1d4ba44899bff8a9b0f139169eb068c29a93c7 100644 (file)
        </varlistentry>
       </variablelist>
     </para>
+
+    <para>
+      <command>newgidmap</command> verifies that the caller is the owner
+      of the process indicated by <option>pid</option> and that for each
+      of the above sets, each of the GIDs in the range [lowergid,
+      lowergid+count] is allowed to the caller according to
+      <filename>/etc/subgid</filename> before setting
+      <filename>/proc/[pid]/gid_map</filename>.
+    </para>
+
   </refsect1>
 
   <refsect1 id='options'>
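Review bot: The added paragraph gives the checked range as the closed interval `[lowergid, lowergid+count]`, which covers count+1 GIDs, one more than a mapping of length count spans. Because this sentence documents the authorization check against /etc/subgid, the bound should be exact: `[lowergid, lowergid+count)` (or `lowergid+count-1` with the closing bracket kept). The newuidmap.1.xml section repeats the wording with `[loweruid, loweruid+count]` and needs the same correction. The paragraph also does not say what the command does when a check fails; one sentence stating that the map file is left unwritten and the command exits with an error would complete it, assuming that is the implemented behaviour.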
index 0bb47b2eb17886076beb5529c43bb4d3bb888109..893cd1a91fd6875f08e5d76d0810b4ec2fef6211 100644 (file)
        </varlistentry>
       </variablelist>
     </para>
+
+    <para>
+      <command>newuidmap</command> verifies that the caller is the owner
+      of the process indicated by <option>pid</option> and that for each
+      of the above sets, each of the UIDs in the range [loweruid,
+      loweruid+count] is allowed to the caller according to
+      <filename>/etc/subuid</filename> before setting
+      <filename>/proc/[pid]/uid_map</filename>.
+    </para>
   </refsect1>
 
   <refsect1 id='options'>