diff options
Diffstat (limited to 'modules/pam_namespace/namespace.conf')
| -rw-r--r-- | modules/pam_namespace/namespace.conf | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/modules/pam_namespace/namespace.conf b/modules/pam_namespace/namespace.conf index b611a0f2..75ec6193 100644 --- a/modules/pam_namespace/namespace.conf +++ b/modules/pam_namespace/namespace.conf @@ -21,7 +21,10 @@ # is explicitly called with an argument to ignore the mode of the # instance parent. System administrators should use this argument with # caution, as it will reduce security and isolation achieved by -# polyinstantiation. +# polyinstantiation. The parent directories (except $HOME) are created +# at boot by pam_namespace_helper, but in a live system, system +# administrators should create the parent directories before enabling +# them here. # #/tmp /tmp-inst/ level root,adm #/var/tmp /var/tmp/tmp-inst/ level root,adm |