From 32dbbd64167f908392c1ce51fef5310c36d882e0 Mon Sep 17 00:00:00 2001
From: Michael Kerrisk <mtk.manpages@gmail.com>
Date: Sun, 26 Jun 2016 20:36:33 +0200
Subject: [PATCH] getrlimit.2: Note user namespace semantics for
 CAP_SYS_RESOURCE

Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
---
 man2/getrlimit.2 | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/man2/getrlimit.2 b/man2/getrlimit.2
index 645b44508..a7a45d2d7 100644
--- a/man2/getrlimit.2
+++ b/man2/getrlimit.2
@@ -449,7 +449,8 @@ is 0, then the call applies to the calling process.
 To set or get the resources of a process other than itself,
 the caller must have the
 .B CAP_SYS_RESOURCE
-capability, or the
+capability in the user namespace of the process
+whose resource limits are being changed, or the
 real, effective, and saved set user IDs of the target process
 must match the real user ID of the caller
 .I and