Adding upstream version 1:4.15.2.upstream/1%4.15.2 upstream

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
author: Daniel Baumann <daniel.baumann@progress-linux.org> 2024-06-26 16:18:36 +0000
committer: Daniel Baumann <daniel.baumann@progress-linux.org> 2024-06-26 16:18:36 +0000
commit: 6c3ea4f47ea280811a7fe53a22f7832e4533c9ec (patch)
tree: 3d7ed5da23b5dbf6f9e450dfb61642832249c31e /man/newuidmap.1.xml
parent: Adding upstream version 1:4.13+dfsg1. (diff)
download: shadow-6c3ea4f47ea280811a7fe53a22f7832e4533c9ec.tar.xz
shadow-6c3ea4f47ea280811a7fe53a22f7832e4533c9ec.zip
1 files changed, 11 insertions, 0 deletions
diff --git a/man/newuidmap.1.xml b/man/newuidmap.1.xml
index f5cb5b4..7aed0d5 100644
--- a/man/newuidmap.1.xml
+++ b/man/newuidmap.1.xml
@@ -116,6 +116,17 @@
     <para>
       Note that newuidmap may be used only once for a given process.
     </para>
+    <para>
+      Instead of an integer process id, the first argument may be
+      specified as <replaceable>fd:N</replaceable>, where the integer N
+      is the file descriptor number for the calling process's opened
+      file descriptor for the directory <filename>/proc/[pid]</filename>.
+      In this case, <command>newuidmap</command> will use
+      <refentrytitle>openat</refentrytitle><manvolnum>2</manvolnum>
+      to open the <filename>uid_map</filename> file under that
+      directory, avoiding a TOCTTOU in case the process exits and
+      the pid is immediately reused.
+    </para>
   </refsect1>
 
   <refsect1 id='options'>
author	Daniel Baumann <daniel.baumann@progress-linux.org>	2024-06-26 16:18:36 +0000
committer	Daniel Baumann <daniel.baumann@progress-linux.org>	2024-06-26 16:18:36 +0000
commit	6c3ea4f47ea280811a7fe53a22f7832e4533c9ec (patch)
tree	3d7ed5da23b5dbf6f9e450dfb61642832249c31e /man/newuidmap.1.xml
parent	Adding upstream version 1:4.13+dfsg1. (diff)
download	shadow-6c3ea4f47ea280811a7fe53a22f7832e4533c9ec.tar.xz shadow-6c3ea4f47ea280811a7fe53a22f7832e4533c9ec.zip