Received: by 2002:a25:7ec1:0:0:0:0:0 with SMTP id z184csp1840311ybc; Wed, 20 Nov 2019 05:03:36 -0800 (PST) X-Google-Smtp-Source: APXvYqxrzgJNJlR5vWQp5aT/8I4RMx92fTbWE6Zwn+/v3//RV+Ham9mTFgcO5SbO3uExzI2gda6T X-Received: by 2002:a37:5805:: with SMTP id m5mr2262222qkb.32.1574255016167; Wed, 20 Nov 2019 05:03:36 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1574255016; cv=none; d=google.com; s=arc-20160816; b=u5gcA+lwQH7hHNOksA7rTKl3jqQH7o+TGg6uKBpkVRkLUt81wjov82wdTWz6n1G/s1 rWpG9QbXU0gecSkBZ40RRCNJhD+qX781nH0kCSG7gVVT5E3Zfberr0nhHYpSoMri09Es zJGkxZFIW+rPkSHvQ/8tLy3WbTkhQNfWi8anzVx2qDoCz73Cj3f59E40OKJak2YrZiLx 9AX/X0BBNYMeIiXullLY+0WgYydU+1GReJRRfPCbqoONU92+owm8xiL5mTjXlcvOmG2Q 9ok1iqbb37eb/6KVy6YWgfT1yle/IoRMgM8gMmhgBIZh12LcimvtjBl6VkTF6ED5e9G/ ZZqg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :message-id:date:subject:cc:to:from:dkim-signature; bh=FDfQIdvNmwNiawulM29v9GlY4a3OII8q9LRcAw1Twyw=; b=m5ZOhj8IDVTwShcY8q1gldCfgf2Ugfwj3s9DZR3Lut8/9vBJI9L7gae8wl8nh+A6l/ 3ChzxvSWZvPXZM/kT0trRNtGdRkvMv6EpUBNbdW+HNU3DtV3uDzHvfikcEMuQHiCT1mG 1cCtmJKp3SiBQB6/RKAP9tEPS8DP9oqtW31tme7Pqxz6O/OgbZlK9Jiitfa07WStHb/1 TfhYz8yF58BvUjLqheTSjsGdDO0ErAoXRKVY7BEUXPpuwr7CuP6De76tEPK+jXdiBUpt IzKo2FF9UvsOj50+eo0modKX0FAPCXg709uEnZ+Rl0sim3HD3M0Pvsu4Yw6i5nC9JYH4 PMbQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@brauner.io header.s=google header.b=Yr645Hr2; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id o6si920945ejc.435.2019.11.20.05.03.10; Wed, 20 Nov 2019 05:03:36 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@brauner.io header.s=google header.b=Yr645Hr2; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728834AbfKTKpQ (ORCPT + 99 others); Wed, 20 Nov 2019 05:45:16 -0500 Received: from mail-wr1-f67.google.com ([209.85.221.67]:43019 "EHLO mail-wr1-f67.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728781AbfKTKpQ (ORCPT ); Wed, 20 Nov 2019 05:45:16 -0500 Received: by mail-wr1-f67.google.com with SMTP id n1so27506571wra.10 for ; Wed, 20 Nov 2019 02:45:14 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=brauner.io; s=google; h=from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=FDfQIdvNmwNiawulM29v9GlY4a3OII8q9LRcAw1Twyw=; b=Yr645Hr2e9dLJx6WDTQ+pAr3Hu5YSHBdrHa9GMLiiqFgfeumBWNXKz1iUR0CGzSi3M vAkqeIv+CY7eyroHhBTzYoCHzUTMFNdDmEMIu85cWFOCmQWCmYN/pqwUIj4ZC+BN5rnE sYD6osVOAIMOiE2fNUZcKpdo743ydqqqihUfNXql/7ge+cCfiHGdBXiHCMCoS3qo4JUN wCXowLORgwjg3tQkL5BxEkQLEYMftoQr8fLbyQ+mNBlpRLysETHu/S57D0kYqREcseoD XFHAMRJQKSuap76nF60ZJ3hywrVRTgRUb5nCy1uErPtqiAqg2M0/ZRM+1YlJ1ztGEK+5 6iIw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=FDfQIdvNmwNiawulM29v9GlY4a3OII8q9LRcAw1Twyw=; b=JB3hDP5iZ0XFarAJUGEB75w4FrqNPwU8eaZlKI9tkjo3sD8KPWc/6t9Ib+1NG//T4J ek8d9YT3Q0Tz1QuHScrCXPBd2RQpBDaAeF7JRQnQgDlNj2yvBHxMIicMGd0nlrH/9sGc RjJcILJwwanKZuT3xC4HV4R2iCCQ7vbnf/JSH4tx2j0IBuHIp73D0Ah+ib0fhzKpVR5d Vivmh+t+TK3PQQsXtrV5EMrhjsnwJ2Jbi/Zc0Gl7dS6wwWwLZTVNHULEdWVFqCn+ryCw R+1IEAJMCf14BvYvMuyoyrzttDSqdVeNYWo144iIVolcLC4UrCa+XnB6egeO1Hft5DfS vfLQ== X-Gm-Message-State: APjAAAWzJCJEYrFjAHTWcEiU5nWLbjbRKV3yKlvI2mslVy4JVKWSpfzw l0gxRDlk+zz+/BRpgdIO2o+Dxw== X-Received: by 2002:adf:fe8d:: with SMTP id l13mr2478867wrr.287.1574246713926; Wed, 20 Nov 2019 02:45:13 -0800 (PST) Received: from localhost.localdomain ([79.140.122.151]) by smtp.gmail.com with ESMTPSA id w10sm5973002wmd.26.2019.11.20.02.45.12 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 20 Nov 2019 02:45:12 -0800 (PST) From: Christian Brauner To: mtk.manpages@gmail.com Cc: adrian@lisas.de, akpm@linux-foundation.org, arnd@arndb.de, avagin@gmail.com, christian.brauner@ubuntu.com, dhowells@redhat.com, fweimer@redhat.com, jannh@google.com, keescook@chromium.org, linux-api@vger.kernel.org, linux-kernel@vger.kernel.org, linux-man@vger.kernel.org, mingo@elte.hu, oleg@redhat.com, xemul@virtuozzo.com Subject: [PATCH] clone.2: Mention that CLONE_PARENT is off-limits for inits Date: Wed, 20 Nov 2019 11:45:04 +0100 Message-Id: <20191120104504.22411-1-christian@brauner.io> X-Mailer: git-send-email 2.24.0 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Christian Brauner The CLONE_PARENT flag cannot but used by init processes. Let's mention this in the manpages to prevent suprises. Signed-off-by: Christian Brauner --- man2/clone.2 | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/man2/clone.2 b/man2/clone.2 index f0f29d6f1..aa98ab79b 100644 --- a/man2/clone.2 +++ b/man2/clone.2 @@ -646,6 +646,13 @@ if .B CLONE_PARENT is set, then the parent of the calling process, rather than the calling process itself, will be signaled. +.IP +The kernel will not allow global init and init processes in pid +namespaces to use the +.B CLONE_PARENT +flag. This is done to prevent the creation of multi-rooted process +trees. It also avoids unreapable zombies in the initial pid +namespace. .TP .BR CLONE_PARENT_SETTID " (since Linux 2.5.49)" Store the child thread ID at the location pointed to by -- 2.24.0