diff options
| author | Steve Langasek <steve.langasek@ubuntu.com> | 2019-01-03 21:23:37 -0800 |
|---|---|---|
| committer | Steve Langasek <vorlon@debian.org> | 2019-01-08 22:11:51 -0800 |
| commit | 7e6c4749370338c9af7e1b959f8ab96d089786d6 (patch) | |
| tree | 2da5e702d7da7b222237ea5ac71e208dd70791a6 /modules/pam_namespace/namespace.conf.5.xml | |
| parent | fa4960114fc50965a9696f2db7406a9d792e3ff8 (diff) | |
| parent | 795badba7f95e737f979917859cd32c9bd47bcad (diff) | |
Merge upstream version 1.1.8
Diffstat (limited to 'modules/pam_namespace/namespace.conf.5.xml')
| -rw-r--r-- | modules/pam_namespace/namespace.conf.5.xml | 14 |
1 files changed, 11 insertions, 3 deletions
diff --git a/modules/pam_namespace/namespace.conf.5.xml b/modules/pam_namespace/namespace.conf.5.xml index 61c8673b..c7698cb4 100644 --- a/modules/pam_namespace/namespace.conf.5.xml +++ b/modules/pam_namespace/namespace.conf.5.xml @@ -61,7 +61,7 @@ <para> The second field, <replaceable>instance_prefix</replaceable> is the string prefix used to build the pathname for the instantiation - of <polydir>. Depending on the polyinstantiation + of <polydir>. Depending on the polyinstantiation <replaceable>method</replaceable> it is then appended with "instance differentiation string" to generate the final instance directory path. This directory is created if it did not exist @@ -75,7 +75,7 @@ <para> The third field, <replaceable>method</replaceable>, is the method used for polyinstantiation. It can take these values; "user" - for polyinstantiation based on user name, "level" for + for polyinstantiation based on user name, "level" for polyinstantiation based on process MLS level and user name, "context" for polyinstantiation based on process security context and user name, "tmpfs" for mounting tmpfs filesystem as an instance dir, and @@ -97,7 +97,7 @@ The <replaceable>method</replaceable> field can contain also following optional flags separated by <emphasis>:</emphasis> characters. </para> - + <para><emphasis>create</emphasis>=<replaceable>mode</replaceable>,<replaceable>owner</replaceable>,<replaceable>group</replaceable> - create the polyinstantiated directory. The mode, owner and group parameters are optional. The default for mode is determined by umask, the default @@ -119,6 +119,14 @@ contain the user name and will be shared among all users. </para> + <para><emphasis>mntopts</emphasis>=<replaceable>value</replaceable> + - value of this flag is passed to the mount call when the tmpfs mount is + done. It allows for example the specification of the maximum size of the + tmpfs instance that is created by the mount call. See <citerefentry> + <refentrytitle>mount</refentrytitle><manvolnum>8</manvolnum> + </citerefentry> for details. + </para> + <para> The directory where polyinstantiated instances are to be created, must exist and must have, by default, the mode of 0000. The |