diff options
Diffstat (limited to 'man/newgidmap.1.xml')
-rw-r--r-- | man/newgidmap.1.xml | 14 |
1 files changed, 10 insertions, 4 deletions
diff --git a/man/newgidmap.1.xml b/man/newgidmap.1.xml index 5fff36f7..681aefcb 100644 --- a/man/newgidmap.1.xml +++ b/man/newgidmap.1.xml @@ -87,9 +87,15 @@ <refsect1 id='description'> <title>DESCRIPTION</title> <para> - The <command>newgidmap</command> sets <filename>/proc/[pid]/gid_map</filename> based on its - command line arguments and the gids allowed in <filename>/etc/subgid</filename>. - Note that the root user is not exempted from the requirement for a valid + The <command>newgidmap</command> sets <filename>/proc/[pid]/gid_map</filename> + based on its command line arguments and the gids allowed. Subgid + delegation can either be managed via <filename>/etc/subgid</filename> + or through the configured NSS subid module. These options are mutually + exclusive. + </para> + + <para> + Note that the root group is not exempted from the requirement for a valid <filename>/etc/subgid</filename> entry. </para> @@ -127,7 +133,7 @@ <command>newgidmap</command> verifies that the caller is the owner of the process indicated by <option>pid</option> and that for each of the above sets, each of the GIDs in the range [lowergid, - lowergid+count] is allowed to the caller according to + lowergid+count) is allowed to the caller according to <filename>/etc/subgid</filename> before setting <filename>/proc/[pid]/gid_map</filename>. </para> |