summaryrefslogtreecommitdiffstats
path: root/sys-utils/nsenter.1
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--sys-utils/nsenter.125
-rw-r--r--sys-utils/nsenter.1.adoc14
2 files changed, 36 insertions, 3 deletions
diff --git a/sys-utils/nsenter.1 b/sys-utils/nsenter.1
index add08ed..d5cac3f 100644
--- a/sys-utils/nsenter.1
+++ b/sys-utils/nsenter.1
@@ -2,12 +2,12 @@
.\" Title: nsenter
.\" Author: [see the "AUTHOR(S)" section]
.\" Generator: Asciidoctor 2.0.20
-.\" Date: 2023-12-01
+.\" Date: 2024-03-20
.\" Manual: User Commands
-.\" Source: util-linux 2.39.3
+.\" Source: util-linux 2.40
.\" Language: English
.\"
-.TH "NSENTER" "1" "2023-12-01" "util\-linux 2.39.3" "User Commands"
+.TH "NSENTER" "1" "2024-03-20" "util\-linux 2.40" "User Commands"
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.ss \n[.ss] 0
@@ -173,6 +173,12 @@ Enter the PID namespace. If no file is specified, enter the PID namespace of the
Enter the user namespace. If no file is specified, enter the user namespace of the target process. If \fIfile\fP is specified, enter the user namespace specified by \fIfile\fP. See also the \fB\-\-setuid\fP and \fB\-\-setgid\fP options.
.RE
.sp
+\fB\-\-user\-parent\fP
+.RS 4
+Enter the parent user namespace. Parent user namespace will be acquired from any other enabled namespace.
+If combined with \fB\-\-user\fP option the parent user namespace will be fetched from the user namespace and replace it.
+.RE
+.sp
\fB\-C\fP, \fB\-\-cgroup\fP[=\fIfile\fP]
.RS 4
Enter the cgroup namespace. If no file is specified, enter the cgroup namespace of the target process. If \fIfile\fP is specified, enter the cgroup namespace specified by \fIfile\fP.
@@ -197,6 +203,11 @@ Set the user ID which will be used in the entered namespace.
If the argument "follow" is specified the UID of the target process is used.
.RE
.sp
+\fB\-\-keep\-caps\fP
+.RS 4
+When the \fB\-\-user\fP option is given, ensure that capabilities granted in the user namespace are preserved in the child process.
+.RE
+.sp
\fB\-\-preserve\-credentials\fP
.RS 4
Don\(cqt modify UID and GID when enter user namespace. The default is to drops supplementary groups and sets GID and UID to 0.
@@ -232,6 +243,11 @@ Do not fork before exec\(cqing the specified program. By default, when entering
Set the SELinux security context used for executing a new process according to already running process specified by \fB\-\-target\fP PID. (The util\-linux has to be compiled with SELinux support otherwise the option is unavailable.)
.RE
.sp
+\fB\-c\fP, \fB\-\-join\-cgroup\fP
+.RS 4
+Add the initiated process to the cgroup of the target process.
+.RE
+.sp
\fB\-h\fP, \fB\-\-help\fP
.RS 4
Display help text and exit.
@@ -241,6 +257,9 @@ Display help text and exit.
.RS 4
Print version and exit.
.RE
+.SH "NOTES"
+.sp
+The \fB\-\-user\-parent\fP option requires Linux 4.9 or higher, older kernels will raise inappropriate ioctl for device error.
.SH "AUTHORS"
.sp
.MTO "biederm\(atxmission.com" "Eric Biederman" ","
diff --git a/sys-utils/nsenter.1.adoc b/sys-utils/nsenter.1.adoc
index c053526..58dd125 100644
--- a/sys-utils/nsenter.1.adoc
+++ b/sys-utils/nsenter.1.adoc
@@ -97,6 +97,10 @@ Enter the PID namespace. If no file is specified, enter the PID namespace of the
*-U*, *--user*[=_file_]::
Enter the user namespace. If no file is specified, enter the user namespace of the target process. If _file_ is specified, enter the user namespace specified by _file_. See also the *--setuid* and *--setgid* options.
+*--user-parent*::
+Enter the parent user namespace. Parent user namespace will be acquired from any other enabled namespace.
+If combined with *--user* option the parent user namespace will be fetched from the user namespace and replace it.
+
*-C*, *--cgroup*[=_file_]::
Enter the cgroup namespace. If no file is specified, enter the cgroup namespace of the target process. If _file_ is specified, enter the cgroup namespace specified by _file_.
@@ -113,6 +117,9 @@ Set the user ID which will be used in the entered namespace.
*nsenter* always sets UID for user namespaces, the default is 0.
If the argument "follow" is specified the UID of the target process is used.
+*--keep-caps*::
+When the *--user* option is given, ensure that capabilities granted in the user namespace are preserved in the child process.
+
*--preserve-credentials*::
Don't modify UID and GID when enter user namespace. The default is to drops supplementary groups and sets GID and UID to 0.
@@ -134,8 +141,15 @@ Do not fork before exec'ing the specified program. By default, when entering a P
*-Z*, *--follow-context*::
Set the SELinux security context used for executing a new process according to already running process specified by *--target* PID. (The util-linux has to be compiled with SELinux support otherwise the option is unavailable.)
+*-c*, *--join-cgroup*::
+Add the initiated process to the cgroup of the target process.
+
include::man-common/help-version.adoc[]
+== NOTES
+
+The *--user-parent* option requires Linux 4.9 or higher, older kernels will raise inappropriate ioctl for device error.
+
== AUTHORS
mailto:biederm@xmission.com[Eric Biederman],