The newgidmap sets /proc/[pid]/gid_map based on its command line
arguments and the gids allowed in /etc/subgid. Note that the root
user is not exempted from the requirement for a valid /etc/subgid
After the pid argument, newgidmap expects sets of 3 integers:
Beginning of the range of GIDs inside the user namespace.
Beginning of the range of GIDs outside the user namespace.
Length of the ranges (both inside and outside the user
newgidmap verifies that the caller is the owner of the process
indicated by pid and that for each of the above sets, each of the
GIDs in the range [lowergid, lowergid+count] is allowed to the caller
according to /etc/subgid before setting /proc/[pid]/gid_map.
Note that newgidmap may be used only once for a given process.
This page is part of the shadow-utils (utilities for managing
accounts and shadow password files) project. Information about the
project can be found at ⟨http://pkg-shadow.alioth.debian.org/⟩. If
you have a bug report for this manual page, see
⟨http://pkg-shadow.alioth.debian.org/getinvolved.php⟩. This page was
obtained from the project's upstream Git repository
⟨git://anonscm.debian.org/git/pkg-shadow/shadow.git⟩ on 2017-03-13.
If you discover any rendering problems in this HTML version of the
page, or you believe there is a better or more up-to-date source for
the page, or you have corrections or improvements to the information
in this COLOPHON (which is not part of the original manual page),
send a mail to email@example.com
shadow-utils 4.4 02/18/2017 NEWGIDMAP(1)