Issue in man page unshare.1

Issue in man page unshare.1

[Helge Kreutzmann]

Without further ado, the following was found:

Issue: B<sleep> → B<sleep>(1)

"The B<pidof>(1) command prints no output, because the B<sleep> processes "
"have been killed. More precisely, when the B<sleep> process that has PID 1 "
"in the namespace (i.e., the namespace\\(cqs init process) was killed, this "
"caused all other processes in the namespace to be killed. By contrast, a "
"similar series of commands where the B<--kill-child> option is not used "
"shows that when B<unshare> terminates, the processes in the PID namespace "
"are not killed:"

Issue in man page unshare.1

[Helge Kreutzmann]

Without further ado, the following was found:

Issue:  s/can not/cannot/

"The proc and sysfs filesystems mounting as root in a user namespace have to "
"be restricted so that a less privileged user can not get more access to "
"sensitive files that a more privileged user made unavailable. In short the "
"rule for proc and sysfs is as close to a bind mount as possible."

Issue in man page unshare.1

[Helge Kreutzmann]

Without further ado, the following was found:

Issue: B<readlink> → B<readlink>(1)

"The following command creates a PID namespace, using B<--fork> to ensure "
"that the executed command is performed in a child process that (being the "
"first process in the namespace) has PID 1. The B<--mount-proc> option "
"ensures that a new mount namespace is also simultaneously created and that a "
"new B<proc>(5) filesystem is mounted that contains information corresponding "
"to the new PID namespace. When the B<readlink> command terminates, the new "
"namespaces are automatically torn down."