From: Christian Brauner <brauner@kernel.org>
Date: Tue, 7 Jun 2022 13:38:18 +0000 (+0200)
Subject: mount_setattr.2: update conditions to create ID-mapped mounts
X-Git-Tag: man-pages-6.0-rc1~181
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=9292cbb1c356ae229ee32e4ad8afb554eca9d8ca;p=thirdparty%2Fman-pages.git

mount_setattr.2: update conditions to create ID-mapped mounts

Newer kernels in principle support the creation of ID-mapped mounts for
filesystems mountable in non-initial user namespaces. Currently, no such
filesystem has been ported to support this though. But we should
nonetheless update the conditions.

Signed-off-by: Christian Brauner (Microsoft) <brauner@kernel.org>
Signed-off-by: Alejandro Colomar <alx.manpages@gmail.com>
---

diff --git a/man2/mount_setattr.2 b/man2/mount_setattr.2
index efcfa02adf..831f09d278 100644
--- a/man2/mount_setattr.2
+++ b/man2/mount_setattr.2
@@ -632,10 +632,11 @@ The following conditions must be met in order to create an ID-mapped mount:
 .IP \(bu 3
 The caller must have the
 .B CAP_SYS_ADMIN
-capability in the initial user namespace.
-.IP \(bu
-The filesystem must be mounted in a mount namespace
-that is owned by the initial user namespace.
+capability in the user namespace the filesystem was mounted in.
+.\" commit bd303368b776eead1c29e6cdda82bde7128b82a7
+.\" Christian Brauner
+.\"     Note, currently no filesystems mountable in non-initial user namespaces
+.\"     support ID-mapped mounts.
 .IP \(bu
 The underlying filesystem must support ID-mapped mounts.
 Currently, the