Source is current git content.
Output is from: test-groff -b -e -mandoc -T utf8 -rF0 -t -w w -z
[ "test-groff" is a developmental version of "groff" ]
Input file is ././disk-utils/sfdisk.8
troff: backtrace: file '<./disk-utils/sfdisk.8>':67
troff: <./disk-utils/sfdisk.8>:67: warning: trailing space
Input file is ././misc-utils/kill.1
troff: backtrace: '/home/bg/git/groff/build/s-tmac/an-ext.tmac':133: macro 'EE'
troff: backtrace: file '<./misc-utils/kill.1>':167
troff: <./misc-utils/kill.1>:167: warning: macro 'mF' not defined
troff: backtrace: '/home/bg/git/groff/build/s-tmac/an-ext.tmac':134: macro 'EE'
troff: backtrace: file '<./misc-utils/kill.1>':167
troff: <./misc-utils/kill.1>:167: warning: number register 'mE' not defined
troff: backtrace: '/home/bg/git/groff/build/s-tmac/an-ext.tmac':134: macro 'EE'
troff: backtrace: file '<./misc-utils/kill.1>':167
troff: <./misc-utils/kill.1>:167: warning: bad font number
troff: backtrace: '/home/bg/git/groff/build/s-tmac/an-ext.tmac':135: macro 'EE'
troff: backtrace: file '<./misc-utils/kill.1>':167
troff: <./misc-utils/kill.1>:167: warning: number register 'sP' not defined
troff: backtrace: '/home/bg/git/groff/build/s-tmac/an-ext.tmac':134: macro 'EE'
troff: backtrace: file '<./misc-utils/kill.1>':170
troff: <./misc-utils/kill.1>:170: warning: bad font number
Input file is ././sys-utils/ipcs.1
<./sys-utils/ipcs.1>:103 (macro BR): only 1 argument, but more are expected
Input file is ././sys-utils/mount.8
<./sys-utils/mount.8>:68 (macro RB): only 1 argument, but more are expected
troff: backtrace: '/home/bg/git/groff/build/s-tmac/an-old.tmac':467: macro 'RB'
troff: backtrace: file '<./sys-utils/mount.8>':68
troff: <./sys-utils/mount.8>:68: warning [p 1, 3.5i]: can't break line
an-old.tmac: <./sys-utils/mount.8>:201 (.RE): warning: extra .RE or .RS is missing before it; "an-RS-open" is 0.
<./sys-utils/mount.8>:453 (macro BR): only 1 argument, but more are expected
<./sys-utils/mount.8>:500 (macro BR): only 1 argument, but more are expected
<./sys-utils/mount.8>:1050 (macro BR): only 1 argument, but more are expected
Input file is ././sys-utils/setpriv.1
<./sys-utils/setpriv.1>:17 (macro BR): only 1 argument, but more are expected
<./sys-utils/setpriv.1>:154 (macro BR): only 1 argument, but more are expected
<./sys-utils/setpriv.1>:166 (macro BR): only 1 argument, but more are expected
Input file is ././sys-utils/umount.8
<./sys-utils/umount.8>:145 (macro IR): only 1 argument, but more are expected
Input file is ././sys-utils/unshare.1
<./sys-utils/unshare.1>:266 (macro BR): only 1 argument, but more are expected
[kzak@redhat.com: - add .RS to fix extra .RE in mount.8]
Signed-off-by: Bjarni Ingi Gislason <bjarniig@rhi.hi.is>
Signed-off-by: Karel Zak <kzak@redhat.com>
Attempting to create a persistent PID namespace with --pid=<file>
will result in an error if --fork is not also specified. Let's
warn people about that, so they don't get puzzled.
Signed-off-by: Michael Kerrisk (man-pages) <mtk.manpages@gmail.com>
Signed-off-by: Karel Zak <kzak@redhat.com>
The existing text is not quite accurate, and I recently injected an
error into the EXAMPLES. This patch fixes both issues.
The text in DESCRIPTION incorrectly states that the propagation type of
the parent mount must be "private". This is not accurate. Rather, the
propagation type must be something *other than "shared"* (i.e.,
"private", "slave", or "unbindable").
In the EXAMPLES section, I added text that implies that if the
propagation type of the parent mount is "shared", then the child mount
created by --mount=<path> might propagate to another namespace.
Rather, in this situation, an error would result. Clarify that.
Signed-off-by: Michael Kerrisk (man-pages) <mtk.manpages@gmail.com>
The text describing the persistent mount namespace example
is rather confused. Explain more clearly the purpose of making
the parent directory a bind mount with private propagation.
Also make a few other wording improvements.
Signed-off-by: Michael Kerrisk (man-pages) <mtk.manpages@gmail.com>
Earlier, I patched various pages to consistently use EXAMPLE as a
section heading, rather than EXAMPLES. (At that time, both headings
occurred in util-linux, with roughly equal frequency.)
Since then, I've observed that EXAMPLES is the more common usage
across a large corpus of manual pages. So, in Linux the man-pages
project, I switched to using EXAMPLES also. This patch makes the same
change for util-linux.
Signed-off-by: Michael Kerrisk (man-pages) <mtk.manpages@gmail.com>
The time namespaces example had no explanatory text! Add some.
Also, use the "uptime -p" option for output that is more compact
(and perhaps more readable).
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
The explanation of the --kill-child example was quite confused and
also the example shell demo was broken because of quoting issues.
It is not the case that the *children* of 'program' would adopted by
init, but rather that 'program' itself (which would be running as PID
1 inside the namespace and is a child of 'unshare') would be adopted
by init.
Rework the --kill-child example. Add a lot more explanation, and
expand the example shell session to give the reader a much better
picture of what is going on.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
The examples section of this manual page is rather hard to grok.
First, the arrangement of the text as follows makes life harder
than needed for the reader:
shell demo
explanatory text
It helps the reader if an example *begins* with an explanation of
what is being demonstrated. Therefore, rearrange these examples as:
explanatory text
shell demo
In addition, let's provide a bit more explanation for the first three
examples and expand the second example (user namespaces) a little.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
The intro paragraphs of this page are rather hard for a newcomer to
grok. The name of the underlying system call (and consequently the
name of the command) are "strange", but let's help the reader by
naming more clearly what unshare(1) does: creating new namespaces. In
addition, clarify and expand the details on making a namespace
persistent using bind mounts.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
Back in commits f85b9777c2 and 894efece9e, in the
description of each namespace type, I added repeated cross references
to clone(2). Drop these references. The Section 7 namespaces pages,
which are already noted in the nsenter(1) and unshare(1) manual pages,
provide much more relevant information. Furthermore, pointing the
reader at clone(2) is perhaps a little misleading, since the system
call underlying nsenter(1) is setns(2) and the system call underlying
unshare(1) is unshare(2).
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
Nowadays, the Linux man-pages project provides separate Section 7
manual pages for each type of namespace. Update the cross references
in nsenter.1 and unshare.1 to reflect this.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
There is value in ensuring that manual page sections use consistently
named sections, as far as possible, and also that sections have a
consistent order within manual pages. This is one of a series of patches
to place manual page sections in a consistent order.
In this patch, we ensure that the AUTHORS, COPYRIGHT, SEE ALSO, and
AVAILABILITY sections are always placed at the end of the page.
Testing that no gross editing mistake (causing accidental loss or addition
of text) was performed as follows:
$ cat $(grep '\.SH' -l $(find . -name '*.[1-9]') |sort) | sort > a
[Apply patch]
$ cat $(grep '\.SH' -l $(find . -name '*.[1-9]') |sort) | sort > b
$ diff a b
$ echo $?
0
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
There is quite some value (in terms of readability and user
expectations) if consistent names are used for the sections
within manual pages. This patch is one of a series to bring
about this consistency.
Currently we have EXAMPLE (10) or EXAMPLES (23).
Let's standardize on the EXAMPLE (which is also what is
suggested in man-pages(7)) and used consistently across
a large number of pages in the Linux man-pages project.
(I realize the choice to go EXAMPLE, rather than EXAMPLES,
may be debatable. If necessary, I'd write a patch that instead
goes the other way, but I'd prefer to follow man-pages(7).)
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
Output is from: test-groff -b -e -mandoc -T utf8 -rF0 -t -w w -z
[ "test-groff" is a developmental version of "groff" ]
Input file is ././misc-utils/kill.1
<./misc-utils/kill.1>:173 (macro BR): only 1 argument, but more are expected
Input file is ././misc-utils/lsblk.8
troff: backtrace: '/home/bg/git/groff/build/s-tmac/an-old.tmac':478: macro 'BR'
troff: backtrace: file '<./misc-utils/lsblk.8>':122
troff: <./misc-utils/lsblk.8>:122: warning: trailing space
Input file is ././sys-utils/mount.8
an-old.tmac: <./sys-utils/mount.8>:2427 (.RE): warning: extra .RE or .RS is missing before it; "an-RS-open" is 0.
Input file is ././sys-utils/unshare.1
<./sys-utils/unshare.1>:176 (macro BR): only 1 argument, but more are expected
<./sys-utils/unshare.1>:181 (macro BR): only 1 argument, but more are expected
<./sys-utils/unshare.1>:240 (macro BR): only 1 argument, but more are expected
<./sys-utils/unshare.1>:246 (macro BR): only 1 argument, but more are expected
Input file is ././term-utils/agetty.8
troff: backtrace: file '<./term-utils/agetty.8>':130
troff: <./term-utils/agetty.8>:130: warning: trailing space
Input file is ././text-utils/more.1
troff: backtrace: file '<./text-utils/more.1>':91
troff: <./text-utils/more.1>:91: warning: macro 'b' not defined
The output from nroff and troff is unchanged, except for the word
"number" in text-utils/more.1, that was missing.
Signed-off-by: Bjarni Ingi Gislason <bjarniig@rhi.hi.is>
After unshare(...) is called, /proc/self/ns/pid does not change.
Instead, only /proc/self/ns/pid_for_children is affected. So bind-mounting
/proc/self/ns/pid results in the original namespace getting bind-mounted.
Fix this by instead bind-mounting ns/pid_for_children.
[kzak@redhat.com: - add ns/time_for_children
- remove C++ comments
- resolve commit conflicts]
Signed-off-by: Michael Braun <michael-dev@fami-braun.de>
Signed-off-by: Karel Zak <kzak@redhat.com>
The --map-user and --map-group options can now be specified by either
uid/gid or user/group name.
Signed-off-by: Matthew Harm Bekkema <id@mbekkema.name>
Two new options are added: `--map-user=<uid>` and `--map-group=<gid>`
for custom user and group mappings respectively. These are just
generalizations of the existing `--map-root-user` and
`--map-current-user` options.
As a side effect of this commit, specifying both `--map-root-user` and
`--map-current-user` no longer causes an error. Instead, the last
occurrence takes precedence.
Addresses: https://github.com/karelzak/util-linux/issues/885
Signed-off-by: Matthew Harm Bekkema <id@mbekkema.name>
While working on getting time namespace support into 'nsenter' it was
not possible to use '-t' to enter a time namespace as '-t' is the short
option for '--target'. Fortunately '-T' is still available in 'nsenter'
and 'unshare' and therefore let's change 'unshare' to use the same flag
for the time namespace as 'nsenter'.
Signed-off-by: Adrian Reber <areber@redhat.com>
This adds support to unshare for time namespaces. With the newly added
options '-t, --time' and '--monotonic' and '--boottime' it is now
possible to change CLOCK_MONOTONIC and CLOCK_BOOTTIME in a new time
namespace.
The time namespace has been merged in kernel version 5.6 and an easy way
to test it is using CLOCK_BOOTTIME and the uptime command:
# uptime
11:08:26 up 20:28, 1 user, load average: 0.00, 0.00, 0.00
# ./unshare --fork --time --boottime 100000000 uptime
11:08:29 up 1158 days, 6:15, 1 user, load average: 0.00, 0.00, 0.00
Signed-off-by: Adrian Reber <areber@redhat.com>
Change a HYPHEN-MINUS (code 0x55, 2D) to a minus (\-), if in front of
1) a name of an option
2) a negative number to be printed.
See man-pages(7) [Debian package "manpages"].
The output from "nroff" is unchanged.
Signed-off-by: Bjarni Ingi Gislason <bjarniig@rhi.hi.is>
Add a comma (,) after "e.g." and "i.e.", or use English words
(man-pages(7) [package "manpages"]).
Abbreviation points should be protected (usually with the
non-printing, zero width character '\&') from being interpreted as an
end of sentence, if they are not, and that independent of their current
place on the line.
This is important when typing, as one does not usually know in
advance when the editor jumps to a new line.
Signed-off-by: Bjarni Ingi Gislason <bjarniig@rhi.hi.is>
Two-fonts macros are made for two or more arguments.
Remove space at end of lines in the files "term-utils/{script.1,
scriptlive.1, scriptreplay.1}".
Put "\-\-summary" to the correct indent in the file
"term-utils/script.1"
Signed-off-by: Bjarni Ingi Gislason <bjarniig@rhi.hi.is>
Add the --keep-caps option to unshare to preserve capabilities that
are granted when creating a new user namespace. This allows the child
process to retain privilege within the new user namespace without also
being UID 0.
Add the --map-current-user option to unshare. This option maps the
current effective UID and GID in the new user namespace so that the
inner and outer credentials match.
Signed-off-by: James Peach <jpeach@apache.org>
This patch introduces two new parameters to set the
user ID and the group ID of the program to be executed.
Setting group ID also drops supplementary groups.
The option names used are the same as for nsenter,
-S, --setuid and -G, --setgid.
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
This patch instroduces two new parameters to set the new
root and the new working directory in this new root.
This allows to combine "unshare chroot" in one command,
and doing like this the /proc filesystem is correctly
mounted in the new root with "--mount-proc".
The new parameters are -R, --root and -w, --wd. The names
are the same as for nsenter, except for "-r" that is already
used by "--map-root-user" and replaced by "-R".
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
Use the correct macro (I, B) for the font change of one argument, not
those that are used for alternating two fonts, like "BR", "IR", "RB",
or "RI".
Signed-off-by: Bjarni Ingi Gislason <bjarniig@rhi.hi.is>
This allows to conveniently kill the entire process tree
below the forked program, a common problem when scripting
tasks that need to reliably fully terminate without leaving
reparented subprocesses behind.
The example added to the man page shows the most common use.
Implemented using prctl(PR_SET_PDEATHSIG, ...).
As described in pid_namespaces(7), IPC namespaces also
isolate POSIX message queues. Update the unshare(1)
and nsenter(1) pages to clarify that.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
For each namespace that is discussed, add more explicit
references to the corresponding clone(2) flags and
add references to relevant section 7 namespace pages.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
This patch does only the following:
* Order SEE ALSO entries first by section name, then alphabetically
within section
* Adds one or two missing commas in SEE ALSO lists
* Removes one or two periods that were (inconsistently) used
at the end of SEE ALSO lists.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
Karel Zak
Jakub Wilk
Bjarni Ingi Gislason
Michael Kerrisk (man-pages)
michael-dev
Matthew Harm Bekkema
Adrian Reber
James Peach
Laurent Vivier
Yuri Chornoivan
Niklas Hambüchen
Sébastien Helleu
Benno Schulenberg