diff options
Diffstat (limited to 'modules/pam_namespace/namespace.conf.5')
| -rw-r--r-- | modules/pam_namespace/namespace.conf.5 | 21 |
1 files changed, 14 insertions, 7 deletions
diff --git a/modules/pam_namespace/namespace.conf.5 b/modules/pam_namespace/namespace.conf.5 index be3458f8..be186c9d 100644 --- a/modules/pam_namespace/namespace.conf.5 +++ b/modules/pam_namespace/namespace.conf.5 @@ -1,13 +1,13 @@ '\" t .\" Title: namespace.conf .\" Author: [see the "AUTHORS" section] -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 05/18/2017 +.\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/> +.\" Date: 06/08/2020 .\" Manual: Linux-PAM Manual .\" Source: Linux-PAM Manual .\" Language: English .\" -.TH "NAMESPACE\&.CONF" "5" "05/18/2017" "Linux-PAM Manual" "Linux\-PAM Manual" +.TH "NAMESPACE\&.CONF" "5" "06/08/2020" "Linux-PAM Manual" "Linux\-PAM Manual" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- @@ -53,7 +53,10 @@ characters also escape sequences \fI\et\fR are recognized\&. The fields are as follows: .PP -\fIpolydir\fR\fIinstance_prefix\fR\fImethod\fR\fIlist_of_uids\fR +\fIpolydir\fR +\fIinstance_prefix\fR +\fImethod\fR +\fIlist_of_uids\fR .PP The first field, \fIpolydir\fR, is the absolute pathname of the directory to polyinstantiate\&. The special string @@ -98,9 +101,13 @@ characters\&. \- the instance directories for "context" and "level" methods will not contain the user name and will be shared among all users\&. .PP \fImntopts\fR=\fIvalue\fR -\- value of this flag is passed to the mount call when the tmpfs mount is done\&. It allows for example the specification of the maximum size of the tmpfs instance that is created by the mount call\&. See -\fBmount\fR(8) -for details\&. +\- value of this flag is passed to the mount call when the tmpfs mount is done\&. It allows for example the specification of the maximum size of the tmpfs instance that is created by the mount call\&. In addition to options specified in the +\fBtmpfs\fR(5) +manual the +\fInosuid\fR, +\fInoexec\fR, and +\fInodev\fR +flags can be used to respectively disable setuid bit effect, disable running executables, and disable devices to be interpreted on the mounted tmpfs filesystem\&. .PP The directory where polyinstantiated instances are to be created, must exist and must have, by default, the mode of 0000\&. The requirement that the instance parent be of mode 0000 can be overridden with the command line option \fIignore_instance_parent_mode\fR |