summaryrefslogtreecommitdiff
path: root/Documentation
diff options
context:
space:
mode:
authorLinus Torvalds <torvalds@linux-foundation.org>2019-09-18 13:41:01 -0700
committerLinus Torvalds <torvalds@linux-foundation.org>2019-09-18 13:41:01 -0700
commitd013cc800a2a41b0496f99a11f3cff724cf65941 (patch)
tree43dfaac956d04461b8fcf24e7d4cf2582beb68b7 /Documentation
parente170eb27715fc9253ae031297d0638a3ef51b5da (diff)
parentcfddf9f4c9f038c91c6c61d5cf3a161731b5c418 (diff)
Merge tag 'filelock-v5.4-1' of git://git.kernel.org/pub/scm/linux/kernel/git/jlayton/linux
Pull file locking updates from Jeff Layton: "Just a couple of minor bugfixes, a revision to a tracepoint to account for some earlier changes to the internals, and a patch to add a pr_warn message when someone tries to mount a filesystem with '-o mand' on a kernel that has that support disabled" * tag 'filelock-v5.4-1' of git://git.kernel.org/pub/scm/linux/kernel/git/jlayton/linux: locks: fix a memory leak bug in __break_lease() locks: print a warning when mount fails due to lack of "mand" support locks: Fix procfs output for file leases locks: revise generic_add_lease tracepoint
Diffstat (limited to 'Documentation')
-rw-r--r--Documentation/filesystems/mandatory-locking.txt10
1 files changed, 10 insertions, 0 deletions
diff --git a/Documentation/filesystems/mandatory-locking.txt b/Documentation/filesystems/mandatory-locking.txt
index 0979d1d2ca8b..a251ca33164a 100644
--- a/Documentation/filesystems/mandatory-locking.txt
+++ b/Documentation/filesystems/mandatory-locking.txt
@@ -169,3 +169,13 @@ havoc if they lock crucial files. The way around it is to change the file
permissions (remove the setgid bit) before trying to read or write to it.
Of course, that might be a bit tricky if the system is hung :-(
+7. The "mand" mount option
+--------------------------
+Mandatory locking is disabled on all filesystems by default, and must be
+administratively enabled by mounting with "-o mand". That mount option
+is only allowed if the mounting task has the CAP_SYS_ADMIN capability.
+
+Since kernel v4.5, it is possible to disable mandatory locking
+altogether by setting CONFIG_MANDATORY_FILE_LOCKING to "n". A kernel
+with this disabled will reject attempts to mount filesystems with the
+"mand" mount option with the error status EPERM.