| author | Michael Kerrisk <mtk.manpages@gmail.com> | 2021-08-16 01:59:42 +0200 |
|---|---|---|
| committer | Michael Kerrisk <mtk.manpages@gmail.com> | 2021-08-18 01:38:14 +0200 |
| commit | 213e259e97a1cc3c25ba9dc8b704699e348fe7e5 (patch) | |
| tree | 5b78ff9af0cead84609b6f2cb60a4f95daa63fb3 /man7/user_namespaces.7 | |
| parent | 6486faa95642d6e443efef01eaacc68664aeca47 (diff) | |
| download | man-pages-213e259e97a1cc3c25ba9dc8b704699e348fe7e5.tar.gz | |
user_namespaces.7: Document /proc/PID/projid_map
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
Diffstat (limited to 'man7/user_namespaces.7')
| -rw-r--r-- | man7/user_namespaces.7 | 42 |
1 files changed, 42 insertions, 0 deletions
diff --git a/man7/user_namespaces.7 b/man7/user_namespaces.7 index 3bba32cb56..610fc2782c 100644 --- a/man7/user_namespaces.7 +++ b/man7/user_namespaces.7 @@ -669,6 +669,48 @@ Writes that violate the above rules fail with the error .\" .\" ============================================================ .\" +.SS Project ID mappings: projid_map +Similarly to user and group ID mappings, +it is possible to create project ID mappings for a user namespace. +(Project IDs are used for disk quotas; see +.BR setquota (8) +and +.BR quotactl (2).) +.PP +Project ID mappings are defined by writing to the +.I /proc/[pid]/projid_map +file (present since +.\" commit f76d207a66c3a53defea67e7d36c3eb1b7d6d61d +Linux 3.7). +.PP +The validity rules for writing to the +.I /proc/[pid]/projid_map +file are as for writing to the +.I uid_map +file; violation of these rules causes +.BR write (2) +to fail with the error +.BR EINVAL . +.PP +The permission rules for writing to the +.I /proc/[pid]/projid_map +file are as follows: +.IP 1. 3 +The writing process must either be in the user namespace of the process +.I pid +or be in the parent user namespace of the process +.IR pid . +.IP 2. +The mapped project IDs must in turn have a mapping +in the parent user namespace. +.PP +Violation of these rules causes +.BR write (2) +to fail with the error +.BR EPERM . +.\" +.\" ============================================================ +.\" .SS Interaction with system calls that change process UIDs or GIDs In a user namespace where the .I uid_map |
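Review bot: the permission rules (the two .IP items before the EPERM paragraph) say nothing about capabilities, and because the preceding paragraph defers to uid_map for the validity rules, a reader cannot tell whether that omission is deliberate or whether the uid_map capability requirements are meant to carry over. Since this determines who may install a project ID mapping from the parent namespace, please add a sentence after item 2 stating explicitly whether the writing process needs any capability in the target user namespace. Separately, only the validity rules are tied to uid_map; the text never says that the projid_map line format is the same as for uid_map, so a short cross-reference for the format next to the ".I /proc/[pid]/projid_map" paragraph would help.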
