diff options
| author | Michael Kerrisk <mtk.manpages@gmail.com> | 2021-08-20 23:25:35 +0200 |
|---|---|---|
| committer | Michael Kerrisk <mtk.manpages@gmail.com> | 2021-08-21 00:49:05 +0200 |
| commit | ababc346b30a04c8aef91f08e0cd06380796820a (patch) | |
| tree | 8efab7922935b6f8dede3c3066fa0830f48a3aaf | |
| parent | 906ab4945cd31daa0fb13c22f4a1dc02d3061e67 (diff) | |
| download | man-pages-ababc346b30a04c8aef91f08e0cd06380796820a.tar.gz | |
mount_namespaces.7: wfix: use numbered cross-references in list of restrictions in NOTES
Done to make the list easier to navigate.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
| -rw-r--r-- | man7/mount_namespaces.7 | 16 |
1 files changed, 8 insertions, 8 deletions
diff --git a/man7/mount_namespaces.7 b/man7/mount_namespaces.7 index 2571ecb6d5..826faf00a3 100644 --- a/man7/mount_namespaces.7 +++ b/man7/mount_namespaces.7 @@ -1045,7 +1045,7 @@ see .\" .SS Restrictions on mount namespaces Note the following points with respect to mount namespaces: -.IP * 3 +.IP [1] 4 Each mount namespace has an owner user namespace. As explained above, when a new mount namespace is created, its mount list is initialized as a copy of the mount list @@ -1054,13 +1054,13 @@ If the new namespace and the namespace from which the mount list was copied are owned by different user namespaces, then the new mount namespace is considered .IR "less privileged" . -.IP * +.IP [2] When creating a less privileged mount namespace, shared mounts are reduced to slave mounts. This ensures that mappings performed in less privileged mount namespaces will not propagate to more privileged mount namespaces. -.IP * +.IP [3] Mounts that come as a single unit from a more privileged mount namespace are locked together and may not be separated in a less privileged mount namespace. @@ -1148,8 +1148,8 @@ command above, which is performed in the initial mount namespace, makes the original .I /etc/shadow file once more visible in that namespace. -.IP * -Following on from the previous point, +.IP [4] +Following on from point [3], note that it is possible to unmount an entire subtree of mounts that propagated as a unit into a less privileged mount namespace, as illustrated in the following example. @@ -1199,7 +1199,7 @@ ns2# \fBgrep /mnt /proc/self/mountinfo | sed \(aqs/ \- .*//\(aq\fP .IP Of note in the above output is that the propagation type of the mount .I /mnt -has been reduced to slave, as explained near the start of this subsection. +has been reduced to slave, as explained in point [2]. This means that submount events will propagate from the master .I /mnt in "ns1", but propagation will not occur in the opposite direction. @@ -1261,7 +1261,7 @@ ns2# \fBgrep /mnt /proc/self/mountinfo\fP 1241 1240 0:57 / /mnt/x/y rw,relatime .EE .in -.IP * +.IP [5] The .BR mount (2) flags @@ -1301,7 +1301,7 @@ mount: /mnt/dir: permission denied. .EE .in .RE -.IP * +.IP [6] .\" (As of 3.18-rc1 (in Al Viro's 2014-08-30 vfs.git#for-next tree)) A file or directory that is a mount point in one namespace that is not a mount point in another namespace, may be renamed, unlinked, or removed |