[PATCH] Manual pages: use "root user ID" rather than "rootid"
Andrew G. Morgan
morgan at kernel.org
Fri Jul 24 03:31:42 UTC 2020
Applied both this and the cap_from_text man page change.
I've also updated the latter page to show that what used to be
summarized by cap_to_text() as: "= cap_foo+..." will (in libcap-2.41)
be the equivalent, but shorter, text: "cap_foo=..." which is also more
intuitive.
Cheers
Andrew
On Thu, Jul 23, 2020 at 2:18 AM Michael Kerrisk (man-pages)
<mtk.manpages at gmail.com> wrote:
>
> The capabilities(7) page has for quite some time used the term "root user ID",
> which is, I think, a little more precise and expressive than "rootid".
> I think it would be good if libcap used the same terminology,
>
> Signed-off-by: Michael Kerrisk (man-pages) <mtk.manpages at gmail.com>
> ---
> doc/cap_get_file.3 | 6 +++---
> doc/getcap.8 | 3 ++-
> doc/setcap.8 | 8 ++++----
> 3 files changed, 9 insertions(+), 8 deletions(-)
>
> diff --git a/doc/cap_get_file.3 b/doc/cap_get_file.3
> index ceacbaf..3f73734 100644
> --- a/doc/cap_get_file.3
> +++ b/doc/cap_get_file.3
> @@ -18,7 +18,7 @@ manipulation on files
> .sp
> .BI "uid_t cap_get_nsowner(cap_t " caps );
> .sp
> -.BI "int cap_set_nsowner(cap_t " caps ", uid_t " rootid );
> +.BI "int cap_set_nsowner(cap_t " caps ", uid_t " rootuid );
> .sp
> Link with \fI\-lcap\fP.
> .SH DESCRIPTION
> @@ -66,13 +66,13 @@ capability in its effective capability set. The effects of writing the
> capability state to any file type other than a regular file are
> undefined.
> .PP
> -A capability set held in memory can be associated with the rootid in
> +A capability set held in memory can be associated with the root user ID in
> use in a specific user namespace. It is possible to get and set this value
> (in the memory copy) with
> .BR cap_get_nsowner ()
> and
> .BR cap_set_nsowner ()
> -respectively. The rootid is ignored by the libcap library in all cases
> +respectively. The root user ID is ignored by the libcap library in all cases
> other than when the capability is written to a file. Only if the value
> is non-zero will the library attempt to include it in the written file
> capability set.
> diff --git a/doc/getcap.8 b/doc/getcap.8
> index 2ad8092..04b601c 100644
> --- a/doc/getcap.8
> +++ b/doc/getcap.8
> @@ -13,7 +13,8 @@ displays the name and capabilities of each specified file.
> prints quick usage.
> .TP 4
> .B \-n
> -prints any non-zero user namespace rootid value found to be associated with
> +prints any non-zero user namespace root user ID value
> +found to be associated with
> a file's capabilities.
> .TP 4
> .B \-r
> diff --git a/doc/setcap.8 b/doc/setcap.8
> index 582c781..463752d 100644
> --- a/doc/setcap.8
> +++ b/doc/setcap.8
> @@ -2,7 +2,7 @@
> .SH NAME
> setcap \- set file capabilities
> .SH SYNOPSIS
> -\fBsetcap\fP [\-q] [\-n <rootid>] [\-v] {\fIcapabilities|\-|\-r} filename\fP [ ... \fIcapabilitiesN\fP \fIfileN\fP ]
> +\fBsetcap\fP [\-q] [\-n <rootuid>] [\-v] {\fIcapabilities|\-|\-r} filename\fP [ ... \fIcapabilitiesN\fP \fIfileN\fP ]
> .SH DESCRIPTION
> In the absence of the
> .B \-v
> @@ -13,13 +13,13 @@ sets the capabilities of each specified
> to the
> .I capabilities
> specified. The optional
> -.B \-n <rootid>
> +.B \-n <rootuid>
> argument can be used to set the file capability for use only in a
> -user namespace with this rootid owner. The
> +user namespace with this root user ID owner. The
> .B \-v
> option is used to verify that the specified capabilities are currently
> associated with the file. If \-v and \-n are supplied, the
> -.B \-n <rootid>
> +.B \-n <rootuid>
> argument is also verified.
> .PP
> The
> --
> 2.26.2
>
More information about the Linux-security-module-archive
mailing list