man: add link to kernel docs about no_new_privs

2017-11-19 11:58:45 +01:00 · 2017-11-19 11:58:45 +01:00 · a6fabe384d
parent f56e7bfe2b
commit a6fabe384d
1 changed files with 5 additions and 1 deletions
--- a/man/systemd.exec.xml
+++ b/man/systemd.exec.xml
@ -1448,7 +1448,11 @@ CapabilityBoundingSet=~CAP_B CAP_C</programlisting>
        <varname>RestrictAddressFamilies=</varname>, <varname>RestrictNamespaces=</varname>,
        <varname>PrivateDevices=</varname>, <varname>ProtectKernelTunables=</varname>,
        <varname>ProtectKernelModules=</varname>, <varname>MemoryDenyWriteExecute=</varname>, or
-        <varname>RestrictRealtime=</varname> are specified.</para></listitem>
+        <varname>RestrictRealtime=</varname> are specified.</para>
+
+        <para>Also see
+        <ulink url="https://www.kernel.org/doc/html/latest/userspace-api/no_new_privs.html">No New Privileges Flag</ulink>.
+        </para></listitem>
      </varlistentry>

      <varlistentry>