From: Christian Brauner <christian.brauner@ubuntu.com>
Date: Mon, 29 May 2017 04:02:24 +0000 (+0200)
Subject: README: reword id mapping restrictions when unpriv
X-Git-Tag: lxc-2.1.0~114^2
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=refs%2Fpull%2F1594%2Fhead;p=thirdparty%2Flxc.git

README: reword id mapping restrictions when unpriv

Suggested-by: Serge Hallyn <serge@hallyn.com>
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
---

diff --git a/README.md b/README.md
index e03e34799..7dfb8a34c 100644
--- a/README.md
+++ b/README.md
@@ -70,10 +70,10 @@ quite restricted. Just to highlight the two most common problems:
    inside of the container will not be able to boot up correctly.
 
 2. User Namespaces: As outlined above, user namespaces are a big security
-   enhancement. However, users which are unprivileged on the host will only be
-   able to establish a mapping for their own UID if they do not rely on
-   privileged helpers. A standard POSIX system however, requires 65536 UIDs and
-   GIDs to be available to guarantee full functionality.
+   enhancement. However, without relying on privileged helpers users who are
+   unprivileged on the host are only permitted to map their own UID into
+   a container. A standard POSIX system however, requires 65536 UIDs and GIDs
+   to be available to guarantee full functionality.
 
 ## Configuration