[Pkg-shadow-devel] [PATCH 1/1] man: newuid and newgid: point out that root must be allocated subuids
Eric W. Biederman
ebiederm at xmission.com
Wed Jun 11 21:49:44 UTC 2014
Serge Hallyn <serge.hallyn at ubuntu.com> writes:
> Users may otherwise be confused and think that because the kernel
> does not restrict uid mappings to the root user (within his
> current uid mappings), newuidmap will ignore /etc/subuid for the
> root user. It will not.
>
> Reported-by: Philippe Grégoire <gregoirep at hotmail.com>
> Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
Acked-by: "Eric W. Biederman" <ebiederm at xmission.com>
> ---
> man/newgidmap.1.xml | 2 ++
> man/newuidmap.1.xml | 2 ++
> 2 files changed, 4 insertions(+)
>
> diff --git a/man/newgidmap.1.xml b/man/newgidmap.1.xml
> index ad7a186..3c1955a 100644
> --- a/man/newgidmap.1.xml
> +++ b/man/newgidmap.1.xml
> @@ -85,6 +85,8 @@
> <para>
> The <command>newgidmap</command> sets <filename>/proc/[pid]/gid_map</filename> based on it's
> command line arguments and the gids allowed in <filename>/etc/subgid</filename>.
> + Note that the root user is not exempted from the requirement for a valid
> + <filename>/etc/subgid</filename> entry.
> </para>
>
> <para>
> diff --git a/man/newuidmap.1.xml b/man/newuidmap.1.xml
> index 04bb14f..e07414f 100644
> --- a/man/newuidmap.1.xml
> +++ b/man/newuidmap.1.xml
> @@ -82,6 +82,8 @@
> <para>
> The <command>newuidmap</command> sets <filename>/proc/[pid]/uid_map</filename> based on it's
> command line arguments and the uids allowed in <filename>/etc/subuid</filename>.
> + Note that the root user is not exempted from the requirement for a valid
> + <filename>/etc/subuid</filename> entry.
> </para>
>
> <para>
More information about the Pkg-shadow-devel
mailing list