diff options
author | Michael Kerrisk <mtk.manpages@gmail.com> | 2020-10-27 13:34:31 +0100 |
---|---|---|
committer | Michael Kerrisk <mtk.manpages@gmail.com> | 2020-10-27 14:51:44 +0100 |
commit | 167f94b707148bcd46fe39c7d4ebfada9eed88f6 (patch) | |
tree | 96711d3539ac130bd0162990f1e94b047383fbff | |
parent | 1e516a820b4dfd3e126b048c0c882cc1d555e5ea (diff) | |
download | man-pages-167f94b707148bcd46fe39c7d4ebfada9eed88f6.tar.gz |
proc.5: Update capability requirements for accessing /proc/[pid]/map_files
The requirements changed with kernel commit 12886f8ab10ce6.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
-rw-r--r-- | man5/proc.5 | 13 |
1 files changed, 10 insertions, 3 deletions
diff --git a/man5/proc.5 b/man5/proc.5 index 77ddd733fb..488acd483f 100644 --- a/man5/proc.5 +++ b/man5/proc.5 @@ -1261,9 +1261,16 @@ Until kernel version 4.3, this directory appeared only if the .B CONFIG_CHECKPOINT_RESTORE kernel configuration option was enabled. -Additionally, in those kernel versions, privilege -.RB ( CAP_SYS_ADMIN ) -was required to view the contents of this directory. +.IP +Capabilities are required to read the contents of the symbolic links in +this directory: before Linux 5.9, the reading process requires +.BR CAP_SYS_ADMIN +in the initial user namespace; +since Linux 5.9, the reading process must have either +.BR CAP_SYS_ADMIN +or +.BR CAP_CHECKPOINT_RESTORE +in the user namespace where it resides. .TP .I /proc/[pid]/maps A file containing the currently mapped memory regions and their access |