Start of man-pages-4.08: updating Changes and Changes.old

1 files changed, 713 insertions, 0 deletions

diff --git a/Changes.old b/Changes.old
index 5dce0b5be..4865aa6b6 100644
--- a/Changes.old
+++ b/Changes.old
@@ -41745,3 +41745,716 @@ ld.so.8
     Michael Kerrisk  [Alon Bar-Lev]
         Document use of $ORIGIN, $LIB, and $PLATFORM in environment variables
             These strings are meaningful in LD_LIBRARY_PATH and LD_PRELOAD.
+
+
+==================== Changes in man-pages-4.07 ====================
+
+Released: 2016-07-17, Ulm
+
+
+Contributors
+------------
+
+The following people contributed patches/fixes or (noted in brackets
+in the changelog below) reports, notes, and ideas that have been
+incorporated in changes in this release:
+
+Alec Leamas <leamas.alec@gmail.com>
+Andrey Vagin <avagin@openvz.org>
+Andy Lutomirski <luto@amacapital.net>
+Carsten Grohmann <carstengrohmann@gmx.de>
+Chris Gassib <position0x45@hotmail.com>
+Christoph Hellwig <hch@lst.de>
+Darren Hart <dvhart@infradead.org>
+Darrick J. Wong <darrick.wong@oracle.com>
+Élie Bouttier <elie@bouttier.eu>
+Eric Biggers <ebiggers3@gmail.com>
+Eric W. Biederman <ebiederm@xmission.com>
+Florian Weimer <fweimer@redhat.com>
+Håkon Sandsmark <hsandsma@cisco.com>
+Iustin Pop <iustin@k1024.org>
+Jacob Willoughby <jacob@spacemonkey.com>
+Jakub Wilk <jwilk@jwilk.net>
+James H Cownie <james.h.cownie@intel.com>
+Jann Horn <jann@thejh.net>
+John Wiersba <jrw32982@yahoo.com>
+Jörn Engel <joern@purestorage.com>
+Josh Triplett <josh@kernel.org>
+Kai Mäkisara <kai.makisara@kolumbus.fi>
+Kees Cook <keescook@chromium.org>
+Keno Fischer <keno@juliacomputing.com>
+Li Peng <lip@dtdream.com>
+Marko Kevac <marko@kevac.org>
+Marko Myllynen <myllynen@redhat.com>
+Michael Kerrisk <mtk.manpages@gmail.com>
+Michał Zegan <webczat_200@poczta.onet.pl>
+Miklos Szeredi <mszeredi@redhat.com>
+Mitch Walker <mitch@gearnine.com>
+Neven Sajko <nsajko@gmail.com>
+Nikos Mavrogiannopoulos <nmav@redhat.com>
+Omar Sandoval <osandov@fb.com>
+Ori Avtalion <ori@avtalion.name>
+Rahul Bedarkar <rahulbedarkar89@gmail.com>
+Robin Kuzmin <kuzmin.robin@gmail.com>
+Rob Landley <rob@landley.net>
+Shawn Landden <shawn@churchofgit.com>
+Stefan Puiu <stefan.puiu@gmail.com>
+Stephen Smalley <sds@tycho.nsa.gov>
+Szabolcs Nagy <szabolcs.nagy@arm.com>
+Thomas Gleixner <tglx@linutronix.de>
+Tobias Stoeckmann <tobias@stoeckmann.org>
+Tom Callaway <tcallawa@redhat.com>
+Tom Gundersen <teg@jklm.no>
+Vince Weaver <vincent.weaver@maine.edu>
+W. Trevor King <wking@tremily.us>
+"Yuming Ma(马玉明)" <mayuming@le.com>
+
+Apologies if I missed anyone!
+
+
+New and rewritten pages
+-----------------------
+
+ioctl_fideduperange.2
+    Darrick J. Wong  [Christoph Hellwig, Michael Kerrisk]
+        New page documenting the FIDEDUPERANGE ioctl
+            Document the FIDEDUPERANGE ioctl, formerly known as
+            BTRFS_IOC_EXTENT_SAME.
+
+ioctl_ficlonerange.2
+    Darrick J. Wong  [Christoph Hellwig, Michael Kerrisk]
+        New page documenting FICLONE and FICLONERANGE ioctls
+            Document the FICLONE and FICLONERANGE ioctls, formerly known as
+            the BTRFS_IOC_CLONE and BTRFS_IOC_CLONE_RANGE ioctls.
+
+nextup.3
+    Michael Kerrisk
+        New page documenting nextup(), nextdown(), and related functions
+
+mount_namespaces.7
+    Michael Kerrisk  [Michael Kerrisk]
+        New page describing mount namespaces
+
+
+Newly documented interfaces in existing pages
+---------------------------------------------
+
+mount.2
+    Michael Kerrisk
+        Document flags used to set propagation type
+            Document MS_SHARED, MS_PRIVATE, MS_SLAVE, and MS_UNBINDABLE.
+    Michael Kerrisk
+        Document the MS_REC flag
+
+ptrace.2
+    Michael Kerrisk  [Kees Cook, Jann Horn, Eric W. Biederman, Stephen Smalley]
+        Document ptrace access modes
+
+proc.5
+    Michael Kerrisk
+        Document /proc/[pid]/timerslack_ns
+    Michael Kerrisk
+        Document /proc/PID/status 'Ngid' field
+    Michael Kerrisk
+        Document /proc/PID/status fields: 'NStgid', 'NSpid', 'NSpgid', 'NSsid'
+    Michael Kerrisk
+        Document /proc/PID/status 'Umask' field
+
+
+New and changed links
+---------------------
+
+nextdown.3
+nextdownf.3
+nextdownl.3
+nextupf.3
+nextupl.3
+    Michael Kerrisk
+        New links to nextup(3)
+
+
+Changes to individual pages
+---------------------------
+
+ldd.1
+    Michael Kerrisk
+        Add a little more detail on why ldd is unsafe with untrusted executables
+    Michael Kerrisk
+        Add more detail on the output of ldd
+
+localedef.1
+    Marko Myllynen
+        Drop --old-style description
+            The glibc upstream decided to drop localedef(1) --old-style
+            option [1] altogether, I think we can do the same with
+            localedef(1), the option hasn't done anything in over 16
+            years and I doubt anyone uses it.
+
+add_key.2
+    Mitch Walker
+        Empty payloads are not allowed in user-defined keys
+
+chroot.2
+    Michael Kerrisk
+        SEE ALSO: add pivot_root(2)
+
+clone.2
+    Michael Kerrisk
+        Add reference to mount_namespaces(7) under CLONE_NEWNS description
+
+fork.2
+    Michael Kerrisk
+        Add ENOMEM error for PID namespace where "init" has died
+
+futex.2
+    Michael Kerrisk
+        Correct an ENOSYS error description
+            Since Linux 4.5, FUTEX_CLOCK_REALTIME is allowed with FUTEX_WAIT.
+    Michael Kerrisk  [Darren Hart]
+        Remove crufty text about FUTEX_WAIT_BITSET interpretation of timeout
+            Since Linux 4.5, FUTEX_WAIT also understands
+            FUTEX_CLOCK_REALTIME.
+    Michael Kerrisk  [Thomas Gleixner]
+        Explain how to get equivalent of FUTEX_WAIT with an absolute timeout
+    Michael Kerrisk
+        Describe FUTEX_BITSET_MATCH_ANY
+            Describe FUTEX_BITSET_MATCH_ANY and FUTEX_WAIT and FUTEX_WAKE
+            equivalences.
+    Michael Kerrisk
+        Note that at least one bit must be set in mask for BITSET operations
+            At least one bit must be set in the 'val3' mask supplied for the
+            FUTEX_WAIT_BITSET and FUTEX_WAKE_BITSET operations.
+    Michael Kerrisk  [Thomas Gleixner, Darren Hart]
+        Fix descriptions of various timeouts
+    Michael Kerrisk
+        Clarify clock default and choices for FUTEX_WAIT
+
+getitimer.2
+    Michael Kerrisk
+        Substantial rewrites to various parts of the page
+    Michael Kerrisk  [Tom Callaway]
+        Change license to note that page may be modified
+            The page as originally written carried text that said the page may
+            be freely distributed but made no statement about modification.
+            In the 20+ years since it was first written, the page has in fact
+            seen repeated, sometimes substantial, modifications, and only a
+            small portion of the original text remains. One could I suppose
+            rewrite the last few pieces that remain from the original,
+            but as the largest contributor to the pages existing text,
+            I'm just going to relicense it to explicitly note that
+            modification is permitted. (I presume the failure by the
+            original author to grant permission to modify was simply an
+            oversight; certainly, the large number of people who have
+            changed the page have taken that to be the case.)
+
+            See also https://bugzilla.kernel.org/show_bug.cgi?id=118311
+
+get_mempolicy.2
+    Michael Kerrisk  [Jörn Engel]
+        Correct rounding to 'maxnodes' (bits, not bytes)
+    Michael Kerrisk  [Jörn Engel]
+        Fix prototype for get_mempolicy()
+            In numaif.h, 'addr' is typed as 'void *'
+
+getpriority.2
+    Michael Kerrisk
+        Make discussion of RLIMIT_NICE more prominent
+            The discussion of RLIMIT_NICE was hidden under the EPERM error,
+            where it was difficult to find. Place some relevant text in
+            DESCRIPTION.
+    Michael Kerrisk
+        Note that getpriority()/setpriority deal with same attribute as nice(2)
+    Michael Kerrisk  [Robin Kuzmin]
+        Clarify equivalence between lower nice value and higher priority
+
+get_robust_list.2
+    Michael Kerrisk
+        get_robust_list() is governed by PTRACE_MODE_READ_REALCREDS
+
+ioctl.2
+    Michael Kerrisk
+        SEE ALSO: add ioctl_fideduperange(2) and ioctl_ficlonerange(2)
+
+kcmp.2
+    Michael Kerrisk
+        kcmp() is governed by PTRACE_MODE_READ_REALCREDS
+    Shawn Landden
+        Note about SECURITY_YAMA
+kill.2
+    Michael Kerrisk  [John Wiersba]
+        Clarify the meaning if sig==0
+
+lookup_dcookie.2
+    Michael Kerrisk
+        SEE ALSO: add oprofile(1)
+
+mmap.2
+    Michael Kerrisk  [Rahul Bedarkar]
+        EXAMPLE: for completeness, add munmap() and close() calls
+
+mount.2
+    Michael Kerrisk
+        Restructure discussion of 'mountflags' into functional groups
+            The existing text makes no differentiation between different
+            "classes" of mount flags. However, certain flags such as
+            MS_REMOUNT, MS_BIND, MS_MOVE, etc. determine the general
+            type of operation that mount() performs. Furthermore, the
+            choice of which class of operation to perform is performed in
+            a certain order, and that order is significant if multiple
+            flags are specified. Restructure and extend the text to
+            reflect these details.
+    Michael Kerrisk
+        Relocate text on multimounting and mount stacking to NOTES
+            The text was somewhat out of place in its previous location;
+            NOTES is a better location.
+    Michael Kerrisk
+        Remove version numbers attached to flags that are modifiable on remount
+            This information was simply bogus. Mea culpa.
+    Michael Kerrisk
+        Refer reader to mount_namespaces(7) for details on propagation types
+    Michael Kerrisk
+        SEE ALSO: s/namespaces(7)/mount_namespaces(7)/
+    Omar Sandoval
+        MS_BIND still ignores mountflags
+            This is clear from the do_mount() function in the kernel as of v4.6.
+    Michael Kerrisk
+        Note the default treatment of ATIME flags during MS_REMOUNT
+            The behavior changed in Linux 3.17.
+    Michael Kerrisk
+        Clarify that MS_MOVE ignores remaining bits in 'mountflags'
+    Michael Kerrisk
+        Note kernel version that added MS_MOVE
+    Michael Kerrisk
+        MS_NOSUID also disables file capabilities
+    Michael Kerrisk
+        Relocate/demote/rework text on MS_MGC_VAL
+            The use of this constant has not been needed for 15 years now.
+    Michael Kerrisk
+        Clarify that 'source' and 'target' are pathnames, and can refer to files
+    Michael Kerrisk
+        Update example list of filesystem types
+            Put more modern examples in; remove many older examples.
+    Michael Kerrisk
+        MS_LAZYTIME and MS_RELATIME can be changed on remount
+    Michael Kerrisk
+        Explicitly note that MS_DIRSYNC setting cannot be changed on remount
+    Michael Kerrisk
+        Move text describing 'data' argument higher up in page
+            In preparation for other reworking.
+    Michael Kerrisk
+        Since Linux 2.6.26, bind mounts can be made read-only
+
+open.2
+    Eric Biggers
+        Refer to correct functions in description of O_TMPFILE
+
+pciconfig_read.2
+    Michael Kerrisk  [Tom Callaway]
+        Change license to note that page may be modified
+            Niki Rahimi, the author of this page, has agreed that it's okay
+            to change the license to note that the page can be modified.
+
+            See https://bugzilla.kernel.org/show_bug.cgi?id=118311
+
+perf_event_open.2
+    Michael Kerrisk
+        If pid > 0, the operation is governed by PTRACE_MODE_READ_REALCREDS
+    Jann Horn
+        Document new perf_event_paranoid default
+    Keno Fischer  [Vince Weaver]
+        Add a note that dyn_size is omitted if size == 0
+            The perf_output_sample_ustack in kernel/events/core.c only writes
+            a single 64 bit word if it can't dump the user registers. From the
+            current version of the man page, I would have expected two 64 bit
+            words (one for size, one for dyn_size). Change the man page to
+            make this behavior explicit.
+
+prctl.2
+    Michael Kerrisk
+        Some wording improvements in timer slack description
+    Michael Kerrisk
+        Refer reader to discussion of /proc/[pid]/timerslack_ns
+            Under discussion of PR_SET_TIMERSLACK, refer the reader to
+            the /proc/[pid]/timerslack_ns file, documented in proc(5).
+
+preadv2.2
+    Michael Kerrisk
+        New link to readv(2)
+            This link should have been added in the previous release...
+
+process_vm_readv.2
+    Michael Kerrisk
+        Rephrase permission rules in terms of a ptrace access mode check
+
+ptrace.2
+    Michael Kerrisk  [Jann Horn]
+        Update Yama ptrace_scope documentation
+            Reframe the discussion in terms of PTRACE_MODE_ATTACH checks,
+            and make a few other minor tweaks and additions.
+    Michael Kerrisk, Jann Horn
+        Note that user namespaces can be used to bypass Yama protections
+    Michael Kerrisk
+        Note that PTRACE_SEIZE is subject to a ptrace access mode check
+    Michael Kerrisk
+        Rephrase PTRACE_ATTACH permissions in terms of ptrace access mode check
+
+pwritev2.2
+    Michael Kerrisk
+        New link to readv(2)
+            This link should have been added in the previous release...
+
+quotactl.2
+    Michael Kerrisk  [Jacob Willoughby]
+        'dqb_curspace' is in bytes, not blocks
+            This error appears to have been injected into glibc
+            when copying some headers from BSD.
+
+            See https://bugs.debian.org/825548
+
+recv.2
+    Michael Kerrisk  [Tom Gundersen]
+        With pending 0-length datagram read() and recv() with flags == 0 differ
+
+setfsgid.2
+setfsuid.2
+    Jann Horn  [Michael Kerrisk]
+        Fix note about errors from the syscall wrapper
+            See sysdeps/unix/sysv/linux/i386/setfsuid.c in glibc-2.2.1.
+            (This code is not present in modern glibc anymore.)
+    Michael Kerrisk
+        Move glibc wrapper notes to "C library/kernel differences" subsection
+
+sysinfo.2
+    Michael Kerrisk
+        Rewrite and update various pieces
+
+umask.2
+    Michael Kerrisk
+        NOTES: Mention /proc/PID/status 'Umask' field
+
+umount.2
+    Michael Kerrisk
+        SEE ALSO: add mount_namespaces(7)
+
+unshare.2
+    Michael Kerrisk
+        Add reference to mount_namespaces(7) under CLONE_NEWNS description
+
+utimensat.2
+    Michael Kerrisk  [Rob Landley]
+        Note that the glibc wrapper disallows pathname==NULL
+
+wait.2
+    Michael Kerrisk
+        Since Linux 4.7, __WALL is implied if child being ptraced
+    Michael Kerrisk
+        waitid() now (since Linux 4.7) also supports __WNOTHREAD/__WCLONE/__WALL
+
+assert.3
+    Nikos Mavrogiannopoulos
+        Improved description
+            Removed text referring to text not being helpful to users. Provide
+            the error text instead to allow the reader to determine whether it
+            is helpful.  Recommend against using NDEBUG for programs to
+            exhibit deterministic behavior.  Moved description ahead of
+            recommendations.
+    Michael Kerrisk
+        Clarify details of message printed by assert()
+
+fmax.3
+fmin.3
+    Michael Kerrisk
+        SEE ALSO: add fdim(3)
+
+getauxval.3
+    Cownie, James H
+        Correct AT_HWCAP result description
+
+inet_pton.3
+    Stefan Puiu
+        Mention byte order
+            Come to think of it, this probably applies to IPv6 as well. Moving to
+            the paragraph before:
+
+malloc_hook.3
+    Michael Kerrisk
+        glibc 2.24 removes __malloc_initialize_hook
+
+memmem.3
+    Michael Kerrisk  [Shawn Landden]
+        Note that memmem() is present on some other systems
+
+mkdtemp.3
+mktemp.3
+    Michael Kerrisk
+        SEE ALSO: add mktemp(1)
+
+printf.3
+    Michael Kerrisk  [Shawn Landden]
+        Note support in other C libraries for %m and %n
+
+strcasecmp.3
+    Michael Kerrisk  [Ori Avtalion]
+        Make details of strncasecmp() comparison clearer
+
+strcat.3
+    Michael Kerrisk
+        Add a program that shows the performance characteristics of strcat()
+            In honor of Joel Spolksy's visit to Munich, let's start educating
+            Schlemiel The Painter.
+
+strtoul.3
+    Michael Kerrisk
+        SEE ALSO: add a64l(3)
+
+strxfrm.3
+    Michael Kerrisk  [Florian Weimer]
+        Remove NOTES section
+            strxfrm() and strncpy() are not precisely equivalent in the
+            POSIX locale, so this NOTES section was not really correct.
+
+            See https://bugzilla.kernel.org/show_bug.cgi?id=104221
+
+console_codes.4
+console_ioctl.4
+tty.4
+vcs.4
+charsets.7
+    Marko Myllynen
+        Remove console(4) references
+            0f9e647 removed the obsolete console(4) page but we still have few
+            references to it. The patch below removes them or converts to refs
+            to concole_ioctl(4) where appropriate.
+
+console_ioctl.4
+    Michael Kerrisk  [Chris Gassib]
+        The argument to KDGETMODE is an 'int'
+
+lirc.4
+    Alec Leamas
+        Update after upstreamed lirc.h, bugfixes.
+
+st.4
+    Kai Mäkisara
+        Fix description of read() when block is larger than request
+    Kai Mäkisara
+        Update MTMKPART for kernels >= 4.6
+            Update the description of the MTMKPART operation of MTIOCTOP to match
+            the changes in kernel version 4.6.
+
+charmap.5
+    Marko Myllynen
+        Clarify keyword syntax
+            Updates charmap(5) to match the syntax all the glibc
+            charmap files are using currently.
+
+elf.5
+    Michael Kerrisk
+        SEE ALSO: add readelf(1)
+
+locale.5
+    Marko Myllynen
+        Document missing keywords, minor updates
+    Marko Myllynen
+        Clarify keyword syntax
+    Marko Myllynen
+        Adjust conformance
+
+proc.5
+namespaces.7
+    Michael Kerrisk
+        Move /proc/PID/mounts information to proc(5)
+            There was partial duplication, and some extra information
+            in namespaces(7). Move everything to proc(5).
+
+proc.5
+    Michael Kerrisk
+        /proc/PID/fd/* are governed by PTRACE_MODE_READ_FSCREDS
+            Permission to dereference/readlink /proc/PID/fd/* symlinks is
+            governed by a PTRACE_MODE_READ_FSCREDS ptrace access mode check.
+    Michael Kerrisk
+        /proc/PID/timerslack_ns is governed by PTRACE_MODE_ATTACH_FSCREDS
+            Permission to access /proc/PID/timerslack_ns is governed by
+            a PTRACE_MODE_ATTACH_FSCREDS ptrace access mode check.
+    Michael Kerrisk
+        Document /proc/PID/{maps,mem,pagemap} access mode checks
+            Permission to access /proc/PID/{maps,pagemap} is governed by a
+            PTRACE_MODE_READ_FSCREDS ptrace access mode check.
+
+            Permission to access /proc/PID/mem is governed by a
+            PTRACE_MODE_ATTACH_FSCREDS ptrace access mode check.
+    Michael Kerrisk
+        Note /proc/PID/stat fields that are governed by PTRACE_MODE_READ_FSCREDS
+    Michael Kerrisk
+        /proc/PID/{cwd,exe,root} are governed by PTRACE_MODE_READ_FSCREDS
+            Permission to dereference/readlink /proc/PID/{cwd,exe,root} is
+            governed by a PTRACE_MODE_READ_FSCREDS ptrace access mode check.
+    Michael Kerrisk
+        /proc/PID/io is governed by PTRACE_MODE_READ_FSCREDS
+            Permission to access /proc/PID/io is governed by
+            a PTRACE_MODE_READ_FSCREDS ptrace access mode check.
+    Michael Kerrisk
+        /proc/PID/{personality,stack,syscall} are governed by PTRACE_MODE_ATTACH_FSCREDS
+            Permission to access /proc/PID/{personality,stack,syscall} is
+            governed by a PTRACE_MODE_ATTACH_FSCREDS ptrace access mode check.
+    Michael Kerrisk
+        /proc/PID/{auxv,environ,wchan} are governed by PTRACE_MODE_READ_FSCREDS
+            Permission to access /proc/PID/{auxv,environ,wchan} is governed by
+            a PTRACE_MODE_READ_FSCREDS ptrace access mode check.
+    Michael Kerrisk
+        Move shared subtree /proc/PID/mountinfo fields to mount_namespaces(7)
+            Move information on shared subtree fields in /proc/PID/mountinfo
+            to mount_namespaces(7).
+    Michael Kerrisk  ["Yuming Ma(马玉明)"]
+        Note that /proc/net is now virtualized per network namespace
+    Michael Kerrisk
+        Add references to mount_namespaces(7)
+
+repertoiremap.5
+    Marko Myllynen
+        Clarify keyword syntax
+
+utmp.5
+    Michael Kerrisk
+        SEE ALSO: add logname(1)
+
+capabilities.7
+    Michael Kerrisk  [Andy Lutomirski]
+        Note on SECURE_NO_CAP_AMBIENT_RAISE for capabilities-only environment
+    Michael Kerrisk
+        Add a detail on use of securebits
+
+cgroup_namespaces.7
+    Michael Kerrisk
+        SEE ALSO: add namespaces(7)
+
+cgroups.7
+    Michael Kerrisk
+        ERRORS: add mount(2) EBUSY error
+
+cp1251.7
+cp1252.7
+iso_8859-1.7
+iso_8859-15.7
+iso_8859-5.7
+koi8-r.7
+koi8-u.7
+    Marko Myllynen
+        Add some charset references
+            Add some references to related charsets here and there.
+
+credentials.7
+    Michael Kerrisk
+        SEE ALSO: add runuser(1)
+        SEE ALSO: add newgrp(1)
+        SEE ALSO: add sudo(8)
+
+feature_test_macros.7
+    Michael Kerrisk
+        Emphasize that applications should not directly include <features.h>
+
+man-pages.7
+    Michael Kerrisk
+        Clarify which sections man-pages provides man pages for
+    Michael Kerrisk  [Josh Triplett]
+        Add a few more details on formatting conventions
+            Add some more details for Section 1 and 8 formatting.
+            Separate out formatting discussion into commands, functions,
+            and "general".
+
+namespaces.7
+    Michael Kerrisk
+        /proc/PID/ns/* are governed by PTRACE_MODE_READ_FSCREDS
+            Permission to dereference/readlink /proc/PID/ns/* symlinks is
+            governed by a PTRACE_MODE_READ_FSCREDS ptrace access mode check.
+    Michael Kerrisk
+        Nowadays, file changes in /proc/PID/mounts are notified differently
+            Exceptional condition for select(), (E)POLLPRI for (e)poll
+    Michael Kerrisk
+        Remove /proc/PID/mountstats description
+            This is a duplicate of information in proc(5).
+    Michael Kerrisk
+        Refer to new mount_namespaces(7) for information on mount namespaces
+
+netlink.7
+    Andrey Vagin
+        Describe netlink socket options
+    Michael Kerrisk
+        Rework version information
+            (No changes in technical details.)
+
+pid_namespaces.7
+    Michael Kerrisk
+        SEE ALSO: add namespaces(7)
+
+unix.7
+    Michael Kerrisk
+        Move discussion on pathname socket permissions to DESCRIPTION
+    Michael Kerrisk
+        Expand discussion of socket permissions
+    Michael Kerrisk
+        Fix statement about permissions needed to connect to a UNIX doain socket
+            Read permission is not required (verified by experiment).
+    Michael Kerrisk
+        Clarify ownership and permissions assigned during socket creation
+    Michael Kerrisk  [Carsten Grohmann]
+        Update text on socket permissions on other systems
+            At least some of the modern BSDs seem to check for write
+            permission on a socket. (I tested OpenBSD 5.9.) On Solaris 10,
+            some light testing suggested that write permission is still
+            not checked on that system.
+    Michael Kerrisk
+        Note that umask / permissions have no effect for abstract sockets
+    W. Trevor King
+        Fix example code: 'ret' check after accept populates 'data_socket'
+    Michael Kerrisk
+        Move some abstract socket details to a separate subsection
+    Michael Kerrisk
+        Note that abstract sockets automatically disappear when FDs are closed
+
+user_namespaces.7
+    Michael Kerrisk  [Michał Zegan]
+        Clarify meaning of privilege in a user namespace
+            Having privilege in a user NS only allows privileged
+            operations on resources governed by that user NS. Many
+            privileged operations relate to resources that have no
+            association with any namespace type, and only processes
+            with privilege in the initial user NS can perform those
+            operations.
+
+            See https://bugzilla.kernel.org/show_bug.cgi?id=120671
+    Michael Kerrisk  [Michał Zegan]
+        List the mount operations permitted by CAP_SYS_ADMIN
+            List the mount operations permitted by CAP_SYS_ADMIN in a
+            noninitial userns.
+
+            See https://bugzilla.kernel.org/show_bug.cgi?id=120671
+    Michael Kerrisk  [Michał Zegan]
+        CAP_SYS_ADMIN allows mounting cgroup filesystems
+            See https://bugzilla.kernel.org/show_bug.cgi?id=120671
+    Michael Kerrisk
+        Clarify details of CAP_SYS_ADMIN and cgroup v1 mounts
+            With respect to cgroups version 1, CAP_SYS_ADMIN in the user
+            namespace allows only *named* hierarchies to be mounted (and
+            not hierarchies that have a controller).
+    Michael Kerrisk
+        Clarify CAP_SYS_ADMIN details for mounting FS_USERNS_MOUNT filesystems
+    Michael Kerrisk
+        Correct user namespace rules for mounting /proc
+    Michael Kerrisk
+        Describe a concrete example of capability checking
+            Add a concrete example of how the kernel checks capabilities in
+            an associated user namespace when a process attempts a privileged
+            operation.
+    Michael Kerrisk
+        Correct kernel version where XFS added support for user namespaces
+            Linux 3.12, not 3.11.
+    Michael Kerrisk
+        SEE ALSO: add ptrace(2)
+        SEE ALSO: add cgroup_namespaces(7)
+
+utf-8.7:
+    Shawn Landden
+        Include RFC 3629 and clarify endianness which is left ambiguous
+            The endianness is suggested by the order the bytes are displayed,
+            but the text is ambiguous.