From: Iker Pedrosa Date: Fri, 11 Jun 2021 13:25:42 +0000 (+0200) Subject: man: definition and configuration of subid X-Git-Tag: v4.9~12^2 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=refs%2Fpull%2F353%2Fhead;p=thirdparty%2Fshadow.git man: definition and configuration of subid Define the subid functionality and explain the way to configure its delegation. --- diff --git a/man/subgid.5.xml b/man/subgid.5.xml index 70c561c43..02f421ab9 100644 --- a/man/subgid.5.xml +++ b/man/subgid.5.xml @@ -38,6 +38,11 @@ Biederman Creation, 2013 + + Iker + Pedrosa + Developer, 2021 + subgid @@ -48,11 +53,36 @@ subgid - the subordinate gid file + the configuration for subordinate group ids DESCRIPTION + + Subgid authorizes a group id to map ranges of group ids from its namespace + into child namespaces. + + + The delegation of the subordinate gids can be configured via the + subid field in + /etc/nsswitch.conf file. Only one value can be set + as the delegation source. Setting this field to + files configures the delegation of gids to + /etc/subgid. Setting any other value treats + the delegation as a plugin following with a name of the form + libsubid_$value.so. If the value or plugin is + missing, then the subordinate gid delegation falls back to + files. + + + Note, that groupadd will only create entries in + /etc/subgid if subid delegation is managed via subid + files. + + + + + LOCAL SUBORDINATE DELEGATION Each line in /etc/subgid contains a user name and a range of subordinate group ids that user diff --git a/man/subuid.5.xml b/man/subuid.5.xml index ec6a85f54..990d162ef 100644 --- a/man/subuid.5.xml +++ b/man/subuid.5.xml @@ -38,6 +38,11 @@ Biederman Creation, 2013 + + Iker + Pedrosa + Developer, 2021 + subuid @@ -48,11 +53,36 @@ subuid - the subordinate uid file + the configuration for subordinate user ids DESCRIPTION + + Subuid authorizes a user id to map ranges of user ids from its namespace + into child namespaces. + + + The delegation of the subordinate uids can be configured via the + subid field in + /etc/nsswitch.conf file. Only one value can be set + as the delegation source. Setting this field to + files configures the delegation of uids to + /etc/subuid. Setting any other value treats + the delegation as a plugin following with a name of the form + libsubid_$value.so. If the value or plugin is + missing, then the subordinate uid delegation falls back to + files. + + + Note, that useradd will only create entries in + /etc/subuid if subid delegation is managed via subid + files. + + + + + LOCAL SUBORDINATE DELEGATION Each line in /etc/subuid contains a user name and a range of subordinate user ids that user