Newer kernels in principle support the creation of ID-mapped mounts for filesystems mountable in non-initial user namespaces. Currently, no such filesystem has been ported to support this though. But we should nonetheless update the conditions. Signed-off-by: Christian Brauner (Microsoft) <brauner@xxxxxxxxxx> --- man2/mount_setattr.2 | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/man2/mount_setattr.2 b/man2/mount_setattr.2 index 2bf1b24da..0999373d6 100644 --- a/man2/mount_setattr.2 +++ b/man2/mount_setattr.2 @@ -649,10 +649,11 @@ The following conditions must be met in order to create an ID-mapped mount: .IP \(bu 3 The caller must have the .B CAP_SYS_ADMIN -capability in the initial user namespace. -.IP \(bu -The filesystem must be mounted in a mount namespace -that is owned by the initial user namespace. +capability in the user namespace the filesystem was mounted in. +.\" commit bd303368b776eead1c29e6cdda82bde7128b82a7 +.\" Christian Brauner +.\" Note, currently no filesystems mountable in non-initial user namespaces +.\" support ID-mapped mounts. .IP \(bu The underlying filesystem must support ID-mapped mounts. Currently, the -- 2.34.1
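Review bot: The caveat that no filesystem mountable in non-initial user namespaces supports ID-mapped mounts is added only as roff comments (the `.\" Note, currently no filesystems mountable in non-initial user namespaces` lines after the CAP_SYS_ADMIN bullet), so it never reaches the rendered page. A reader sees only the relaxed capability condition and may conclude that root in an unprivileged user namespace can already create ID-mapped mounts. Consider moving that sentence into the visible text of the bullet, and stating from which kernel version the new condition applies, since the commit message says only "newer kernels" and the text being replaced required the capability in the initial user namespace. The phrase "the user namespace the filesystem was mounted in" could also be tightened: the removed bullet spoke of the user namespace owning the mount namespace, and the new wording does not say whether it means that or the user namespace the filesystem itself belongs to.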