diff options
| -rw-r--r-- | man7/capabilities.7 | 19 |
1 files changed, 16 insertions, 3 deletions
diff --git a/man7/capabilities.7 b/man7/capabilities.7 index a6b442d49f..92e7eba0e1 100644 --- a/man7/capabilities.7 +++ b/man7/capabilities.7 @@ -29,7 +29,6 @@ .SH NAME capabilities \- overview of Linux capabilities .SH DESCRIPTION - For the purpose of performing permission checks, traditional Unix implementations distinguish two categories of processes: .I privileged @@ -186,6 +185,14 @@ and .I security Extended Attributes (see .BR attr (5)); +call +.BR lookup_dcookie (2); +perform +.BR keyctl (2) +.B KEYCTL_CHOWN +and +.B KEYCTL_SETPERM +operations. allow forged UID when passing socket credentials; exceed .IR /proc/sys/fs/file-max , @@ -198,13 +205,16 @@ in system calls that open files (e.g., without this capability these system calls will fail with the error .B ENFILE if this limit is encountered). -.\" FIXME 2.6.14-rc1 permist the following with CAP_SYS_ADMIN: +.\" FIXME 2.6.14-rc1 permits the following with CAP_SYS_ADMIN: .\" /* Allow setting zone reclaim policy */ .\" Document this. +.\" FIXME CAP_SYS_ADMIN has an affect for ioprio_set() .TP .B CAP_SYS_BOOT Permit calls to -.BR reboot (2). +.BR reboot (2) +and +.BR kexec_load (2). .TP .B CAP_SYS_CHROOT Permit calls to @@ -228,6 +238,9 @@ and setting scheduling policies and priorities for arbitrary processes .BR sched_setparam (2)); set CPU affinity for arbitrary processes .RB ( sched_setaffinity ()). +.\" FIXME Probably CAP_SYS_NICE will have a new affect in 2.6.16 +.\" for MPOL_MF_MOVE_ALL and migrate_pages(2) +.\" FIXME CAP_SYS_NICE has an affect for ioprio_set() .TP .B CAP_SYS_PACCT Permit calls to |