From a6fabe384d8b2fc880c3649b4c0e7bda357fb91b Mon Sep 17 00:00:00 2001
From: =?utf8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Sun, 19 Nov 2017 11:58:45 +0100
Subject: [PATCH] man: add link to kernel docs about no_new_privs

---
 man/systemd.exec.xml | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/man/systemd.exec.xml b/man/systemd.exec.xml
index d043555860a..0aa0552f067 100644
--- a/man/systemd.exec.xml
+++ b/man/systemd.exec.xml
@@ -1448,7 +1448,11 @@ CapabilityBoundingSet=~CAP_B CAP_C</programlisting>
         <varname>RestrictAddressFamilies=</varname>, <varname>RestrictNamespaces=</varname>,
         <varname>PrivateDevices=</varname>, <varname>ProtectKernelTunables=</varname>,
         <varname>ProtectKernelModules=</varname>, <varname>MemoryDenyWriteExecute=</varname>, or
-        <varname>RestrictRealtime=</varname> are specified.</para></listitem>
+        <varname>RestrictRealtime=</varname> are specified.</para>
+
+        <para>Also see
+        <ulink url="https://www.kernel.org/doc/html/latest/userspace-api/no_new_privs.html">No New Privileges Flag</ulink>.
+        </para></listitem>
       </varlistentry>
 
       <varlistentry>
-- 
2.39.5