From 333446b9a6e1ad6219d21bfc58bfae9bf41ace94 Mon Sep 17 00:00:00 2001
From: Michael Kerrisk <mtk.manpages@gmail.com>
Date: Fri, 22 Mar 2013 08:14:13 +0100
Subject: [PATCH] unshare.2: Note restrictions on CLONE_NEWUSER with other
 CLONE_* flags

Refer to user_namespaces(7) for restrictions on CLONE_NEWUSER
with other CLONE_* flags.

Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
---
 man2/unshare.2 | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/man2/unshare.2 b/man2/unshare.2
index e922e9917..ec9c26e9c 100644
--- a/man2/unshare.2
+++ b/man2/unshare.2
@@ -187,6 +187,13 @@ flag, the caller obtains a full set of capabilities in the new namespace.
 requires that the calling process is not threaded and the user ID and group ID
 of the calling process are mapped user IDs and group IDs in the
 user namespace of the calling process at the time of the call.
+.IP
+.BR CLONE_NEWUSER
+cannot be specified in conjunction with various other
+.BR CLONE_*
+flags.
+For further details, see
+.BR user_namespaces (7).
 .TP
 .BR CLONE_NEWUTS " (since Linux 2.6.19)"
 This flag has the same effect as the