capabilities.7: SECBIT_KEEP_CAPS is ignored if SECBIT_NO_SETUID_FIXUP is set

Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>

man7/capabilities.7

@@ -1295,6 +1295,13 @@ in those sets.
 This flag is always cleared on an
 .BR execve (2).
 .IP
+The setting of the
+.B SECBIT_KEEP_CAPS
+flag is ignored if the
+.B SECBIT_NO_SETUID_FIXUP
+flag is set.
+(The latter flag provides a superset of the effect of the former flag.)
+.IP
 This flag provides the same functionality as the older
 .BR prctl (2)
 .B PR_SET_KEEPCAPS