From 420c7379fb96a188459690a634d0fede55721183 Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Wed, 20 Nov 2013 22:10:42 +0100
Subject: nspawn: add new --drop-capability= switch

---
 man/systemd-nspawn.xml | 10 ++++++++++
 1 file changed, 10 insertions(+)

(limited to 'man/systemd-nspawn.xml')

diff --git a/man/systemd-nspawn.xml b/man/systemd-nspawn.xml
index 3707a5ec94..75d2e6d72e 100644
--- a/man/systemd-nspawn.xml
+++ b/man/systemd-nspawn.xml
@@ -303,6 +303,16 @@
                                 CAP_AUDIT_CONTROL.</para></listitem>
                         </varlistentry>
 
+                        <varlistentry>
+                                <term><option>--drop-capability=</option></term>
+
+                                <listitem><para>Specify one or more
+                                additional capabilities to drop for
+                                the container. This allows running the
+                                container with fewer capabilities than
+                                the default (see above).</para></listitem>
+                        </varlistentry>
+
                         <varlistentry>
                                 <term><option>--link-journal=</option></term>
 
-- 
cgit v1.2.3-54-g00ecf