From 981eda4aa533b0bac9bffb35738bc48c0522daff Mon Sep 17 00:00:00 2001
From: Michael Kerrisk <mtk.manpages@gmail.com>
Date: Fri, 8 Nov 2019 22:40:45 +0100
Subject: [PATCH] clone.2: Consistently order paragraphs for CLONE_NEW* flags

Sometimes the descriptions of these flags mentioned the
corresponding section 7 namespace manual page and then the
required capabilities, and sometimes the order was the was
the reverse. Make it consistent.

Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
---
 man2/clone.2 | 32 ++++++++++++++++----------------
 1 file changed, 16 insertions(+), 16 deletions(-)

diff --git a/man2/clone.2 b/man2/clone.2
index 794e4cb5e..0ad63b52e 100644
--- a/man2/clone.2
+++ b/man2/clone.2
@@ -457,15 +457,15 @@ If this flag is not set, then (as with
 the process is created in the same IPC namespace as
 the calling process.
 .IP
+For further information on IPC namespaces, see
+.BR ipc_namespaces (7).
+.IP
 Only a privileged process
 .RB ( CAP_SYS_ADMIN )
 can employ
 .BR CLONE_NEWIPC .
 This flag can't be specified in conjunction with
 .BR CLONE_SYSVSEM .
-.IP
-For further information on IPC namespaces, see
-.BR ipc_namespaces (7).
 .TP
 .BR CLONE_NEWNET " (since Linux 2.6.24)"
 (The implementation of this flag was completed only
@@ -497,6 +497,11 @@ If
 is not set, the child lives in the same mount
 namespace as the parent.
 .IP
+For further information on mount namespaces, see
+.BR namespaces (7)
+and
+.BR mount_namespaces (7).
+.IP
 Only a privileged process
 .RB ( CAP_SYS_ADMIN )
 can employ
@@ -507,11 +512,6 @@ and
 .B CLONE_FS
 .\" See https://lwn.net/Articles/543273/
 in the same clone call.
-.IP
-For further information on mount namespaces, see
-.BR namespaces (7)
-and
-.BR mount_namespaces (7).
 .TP
 .BR CLONE_NEWPID " (since Linux 2.6.24)"
 .\" This explanation draws a lot of details from
@@ -560,6 +560,11 @@ If this flag is not set, then (as with
 .BR fork (2))
 the process is created in the same user namespace as the calling process.
 .IP
+For further information on user namespaces, see
+.BR namespaces (7)
+and
+.BR user_namespaces (7).
+.IP
 Before Linux 3.8, use of
 .BR CLONE_NEWUSER
 required that the caller have three capabilities:
@@ -584,11 +589,6 @@ For security reasons,
 .BR CLONE_NEWUSER
 cannot be specified in conjunction with
 .BR CLONE_FS .
-.IP
-For further information on user namespaces, see
-.BR namespaces (7)
-and
-.BR user_namespaces (7).
 .TP
 .BR CLONE_NEWUTS " (since Linux 2.6.19)"
 If
@@ -601,13 +601,13 @@ If this flag is not set, then (as with
 the process is created in the same UTS namespace as
 the calling process.
 .IP
+For further information on UTS namespaces, see
+.BR uts_namespaces (7).
+.IP
 Only a privileged process
 .RB ( CAP_SYS_ADMIN )
 can employ
 .BR CLONE_NEWUTS .
-.IP
-For further information on UTS namespaces, see
-.BR uts_namespaces (7).
 .TP
 .BR CLONE_PARENT " (since Linux 2.3.12)"
 If