From: Nicolas François Date: Tue, 13 Aug 2013 17:38:41 +0000 (+0200) Subject: Document checks performed by newgidmap/newuidmap X-Git-Tag: 4.2.1~28 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=29bd7e1929b439f8cb3ec353be03aedc91c6f0c6;p=shadow Document checks performed by newgidmap/newuidmap * man/newgidmap.1.xml: Document the checks performed before setting the mapping in /proc. * man/newuidmap.1.xml: Likewise. --- diff --git a/ChangeLog b/ChangeLog index 74de2e59..c966957d 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,9 @@ +2013-08-13 Nicolas François + + * man/newgidmap.1.xml: Document the checks performed before + setting the mapping in /proc. + * man/newuidmap.1.xml: Likewise. + 2013-08-13 Nicolas François * libmisc/idmapping.h: Document what the upper and lower fields diff --git a/man/newgidmap.1.xml b/man/newgidmap.1.xml index 725dcd60..1e1d4ba4 100644 --- a/man/newgidmap.1.xml +++ b/man/newgidmap.1.xml @@ -116,6 +116,16 @@ + + + newgidmap verifies that the caller is the owner + of the process indicated by and that for each + of the above sets, each of the GIDs in the range [lowergid, + lowergid+count] is allowed to the caller according to + /etc/subgid before setting + /proc/[pid]/gid_map. + + diff --git a/man/newuidmap.1.xml b/man/newuidmap.1.xml index 0bb47b2e..893cd1a9 100644 --- a/man/newuidmap.1.xml +++ b/man/newuidmap.1.xml @@ -113,6 +113,15 @@ + + + newuidmap verifies that the caller is the owner + of the process indicated by and that for each + of the above sets, each of the UIDs in the range [loweruid, + loweruid+count] is allowed to the caller according to + /etc/subuid before setting + /proc/[pid]/uid_map. +