diff options
| -rw-r--r-- | man7/namespaces.7 | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/man7/namespaces.7 b/man7/namespaces.7 index e476950e71..6ca493c997 100644 --- a/man7/namespaces.7 +++ b/man7/namespaces.7 @@ -608,6 +608,13 @@ The process must have the .BR CAP_SETUID .RB ( CAP_SETGID ) capability in the parent user namespace. +There is an exception to this requirement: +a process writing to +.I uid_map +.RI ( gid_map ) +is allowed to map any single UID (GID) to the file system UID (GID) of the +caller in the parent user namespace. + .IP * The process must be in either the user namespace of the process .I pid |