diff options
author | Linus Torvalds <torvalds@linux-foundation.org> | 2019-09-18 13:41:01 -0700 |
---|---|---|
committer | Linus Torvalds <torvalds@linux-foundation.org> | 2019-09-18 13:41:01 -0700 |
commit | d013cc800a2a41b0496f99a11f3cff724cf65941 (patch) | |
tree | 43dfaac956d04461b8fcf24e7d4cf2582beb68b7 /Documentation | |
parent | e170eb27715fc9253ae031297d0638a3ef51b5da (diff) | |
parent | cfddf9f4c9f038c91c6c61d5cf3a161731b5c418 (diff) |
Merge tag 'filelock-v5.4-1' of git://git.kernel.org/pub/scm/linux/kernel/git/jlayton/linux
Pull file locking updates from Jeff Layton:
"Just a couple of minor bugfixes, a revision to a tracepoint to account
for some earlier changes to the internals, and a patch to add a
pr_warn message when someone tries to mount a filesystem with '-o
mand' on a kernel that has that support disabled"
* tag 'filelock-v5.4-1' of git://git.kernel.org/pub/scm/linux/kernel/git/jlayton/linux:
locks: fix a memory leak bug in __break_lease()
locks: print a warning when mount fails due to lack of "mand" support
locks: Fix procfs output for file leases
locks: revise generic_add_lease tracepoint
Diffstat (limited to 'Documentation')
-rw-r--r-- | Documentation/filesystems/mandatory-locking.txt | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/Documentation/filesystems/mandatory-locking.txt b/Documentation/filesystems/mandatory-locking.txt index 0979d1d2ca8b..a251ca33164a 100644 --- a/Documentation/filesystems/mandatory-locking.txt +++ b/Documentation/filesystems/mandatory-locking.txt @@ -169,3 +169,13 @@ havoc if they lock crucial files. The way around it is to change the file permissions (remove the setgid bit) before trying to read or write to it. Of course, that might be a bit tricky if the system is hung :-( +7. The "mand" mount option +-------------------------- +Mandatory locking is disabled on all filesystems by default, and must be +administratively enabled by mounting with "-o mand". That mount option +is only allowed if the mounting task has the CAP_SYS_ADMIN capability. + +Since kernel v4.5, it is possible to disable mandatory locking +altogether by setting CONFIG_MANDATORY_FILE_LOCKING to "n". A kernel +with this disabled will reject attempts to mount filesystems with the +"mand" mount option with the error status EPERM. |