diff options
| -rw-r--r-- | man2/seccomp.2 | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/man2/seccomp.2 b/man2/seccomp.2 index dcb09c3aab..3642e5b9a3 100644 --- a/man2/seccomp.2 +++ b/man2/seccomp.2 @@ -138,7 +138,7 @@ In order to use the .BR SECCOMP_SET_MODE_FILTER operation, either the caller must have the .BR CAP_SYS_ADMIN -capability, or the thread must already have the +capability in its user namespace, or the thread must already have the .I no_new_privs bit set. If that bit was not already set by an ancestor of this thread, @@ -489,7 +489,7 @@ can fail for the following reasons: .BR EACCESS The caller did not have the .BR CAP_SYS_ADMIN -capability, or had not set +capability in its user namespace, or had not set .IR no_new_privs before using .BR SECCOMP_SET_MODE_FILTER . |