user_namespaces.7: Minor wording fix to recently added text

author Michael Kerrisk <mtk.manpages@gmail.com>

Tue, 2 Jul 2019 04:20:44 +0000 (06:20 +0200)

committer Michael Kerrisk <mtk.manpages@gmail.com>

Tue, 2 Jul 2019 04:20:44 +0000 (06:20 +0200)
author Michael Kerrisk <mtk.manpages@gmail.com>
Tue, 2 Jul 2019 04:20:44 +0000 (06:20 +0200)
committer Michael Kerrisk <mtk.manpages@gmail.com>
Tue, 2 Jul 2019 04:20:44 +0000 (06:20 +0200)
diff --git a/man7/user_namespaces.7 b/man7/user_namespaces.7

index 1d4d68460caf32406713980c6f13ac3d3a98337d..935ef3d000a2be69b1a37be6322d2f4c51115477 100644 (file)
--- a/man7/user_namespaces.7
+++ b/man7/user_namespaces.7
@@ -904,12 +904,12 @@ in the user namespace.
  The
  .BR CAP_FOWNER
  capability is treated somewhat exceptionally:
-most of the checks that it governs can be bypassed so long as
-just the file's user ID has a mapping in the user namespace
  .\" These are the checks performed by the kernel function
  .\" inode_owner_or_capable(). There is one exception to the exception:
  .\" overriding the directory sticky permission bit requires that
  .\" the file has a valid mapping for both its UID and GID.
+it allows a process to bypass the corresponding rules so long as
+at least the file's user ID has a mapping in the user namespace
  (i.e., the file's group ID does not need to have a valid mapping).
  .\"
  .\" ============================================================
author	Michael Kerrisk <mtk.manpages@gmail.com>
	Tue, 2 Jul 2019 04:20:44 +0000 (06:20 +0200)
committer	Michael Kerrisk <mtk.manpages@gmail.com>
	Tue, 2 Jul 2019 04:20:44 +0000 (06:20 +0200)