Commit 2f4c3306 authored by Stephen Kitt's avatar Stephen Kitt Committed by Jonathan Corbet
Browse files

docs: sysctl/kernel: document ngroups_max 



This is a read-only export of NGROUPS_MAX, so this patch also changes
the declarations in kernel/sysctl.c to const.

Signed-off-by: default avatarStephen Kitt <steve@sk2.org>
Reviewed-by: default avatarKees Cook <keescook@chromium.org>
Link: https://lore.kernel.org/r/20200515160222.7994-1-steve@sk2.org


Signed-off-by: default avatarJonathan Corbet <corbet@lwn.net>
parent 56b62540

Documentation/admin-guide/sysctl/kernel.rst

+9 −0
Original line number Diff line number Diff line
@@ -517,6 +517,15 @@ Notes: 
     successful IPC object allocation. If an IPC object allocation syscall

     fails, it is undefined if the value remains unmodified or is reset to -1.





ngroups_max

===========



Maximum number of supplementary groups, _i.e._ the maximum size which

``setgroups`` will accept. Exports ``NGROUPS_MAX`` from the kernel.







nmi_watchdog

============

kernel/sysctl.c

+2 −2
Original line number Diff line number Diff line
@@ -146,7 +146,7 @@ static unsigned long dirty_bytes_min = 2 * PAGE_SIZE; 
static int maxolduid = 65535;

static int minolduid;



static int ngroups_max = NGROUPS_MAX;

static const int ngroups_max = NGROUPS_MAX;

static const int cap_last_cap = CAP_LAST_CAP;



/*
@@ -883,7 +883,7 @@ static struct ctl_table kern_table[] = { 
#endif

	{

		.procname	= "ngroups_max",

		.data		= &ngroups_max,

		.data		= (void *)&ngroups_max,

		.maxlen		= sizeof (int),

		.mode		= 0444,

		.proc_handler	= proc_dointvec,

CRA Git | Maintained and supported by SUSTech CRA and CCSE