man: add link to kernel docs about no_new_privs

diff --git a/man/systemd.exec.xml b/man/systemd.exec.xml
index d043555860ac83c3d3f87b8298b3e64a0760ec08..0aa0552f067f2ebdef9ec314e8f7bb0200464b5c 100644 (file)
--- a/man/systemd.exec.xml
+++ b/man/systemd.exec.xml
@@ -1448,7 +1448,11 @@ CapabilityBoundingSet=~CAP_B CAP_C</programlisting>
         <varname>RestrictAddressFamilies=</varname>, <varname>RestrictNamespaces=</varname>,
         <varname>PrivateDevices=</varname>, <varname>ProtectKernelTunables=</varname>,
         <varname>ProtectKernelModules=</varname>, <varname>MemoryDenyWriteExecute=</varname>, or
-        <varname>RestrictRealtime=</varname> are specified.</para></listitem>
+        <varname>RestrictRealtime=</varname> are specified.</para>
+
+        <para>Also see
+        <ulink url="https://www.kernel.org/doc/html/latest/userspace-api/no_new_privs.html">No New Privileges Flag</ulink>.
+        </para></listitem>
       </varlistentry>
 
       <varlistentry>