aboutsummaryrefslogtreecommitdiffstats
path: root/man7/capabilities.7
diff options
context:
space:
mode:
authorMichael Kerrisk <mtk.manpages@gmail.com>2009-08-02 09:08:41 +0200
committerMichael Kerrisk <mtk.manpages@gmail.com>2009-08-02 09:08:41 +0200
commit129bf37be89c8d4751479798ca4952884850eb32 (patch)
tree9eac5c6964bb7c110903de53efd573fb7c484b4a /man7/capabilities.7
parent1f9b08391e9dec8ff50c86accc3bed7b9e718520 (diff)
downloadman-pages-129bf37be89c8d4751479798ca4952884850eb32.tar.gz
capabilities.7: FS UID manipulations affect CAP_LINUX_IMMUTABLE and CAP_MKNOD
Nowadays, file system UID manipulations also affect CAP_LINUX_IMMUTABLE (since 2.6.3) and CAP_MKNOD (since 2.6.29). Reported-by: Serge Hallyn: <serue@us.ibm.com> Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
Diffstat (limited to 'man7/capabilities.7')
-rw-r--r--man7/capabilities.78
1 files changed, 6 insertions, 2 deletions
diff --git a/man7/capabilities.7 b/man7/capabilities.7
index 5a5902683f..e5f1fe7012 100644
--- a/man7/capabilities.7
+++ b/man7/capabilities.7
@@ -42,7 +42,7 @@
.\" capability, then we must also set the effective flag for all
.\" other capabilities where the permitted or inheritable bit is set.
.\"
-.TH CAPABILITIES 7 2008-11-27 "Linux" "Linux Programmer's Manual"
+.TH CAPABILITIES 7 2009-08-02 "Linux" "Linux Programmer's Manual"
.SH NAME
capabilities \- overview of Linux capabilities
.SH DESCRIPTION
@@ -717,8 +717,12 @@ then the following capabilities are cleared from the effective set:
.BR CAP_DAC_READ_SEARCH ,
.BR CAP_FOWNER ,
.BR CAP_FSETID ,
+.B CAP_LINUX_IMMUTABLE
+(since Linux 2.2.30),
+.BR CAP_MAC_OVERRIDE ,
and
-.BR CAP_MAC_OVERRIDE .
+.B CAP_MKNOD
+(since Linux 2.2.29).
If the file system UID is changed from non-zero to 0,
then any of these capabilities that are enabled in the permitted set
are enabled in the effective set.
generated by cgit 1.2.3-korg (git 2.43.0) at 2025-12-02 00:18:43 +0000