Add cgroup namespce option to minijail0 manpage
The new -N option wasn't yet added to the manpage. It utilizes the new
cgroup namespace feature of v4.6+ Linux kernels.
BUG=none
TEST=man ./minijail0.1
Change-Id: I3417b209678f3cbb6442eac8839d17ae041a42da
Signed-off-by: Dylan Reid <dgreid@chromium.org>
diff --git a/minijail0.1 b/minijail0.1
index 685b6a6..3e077c1 100644
--- a/minijail0.1
+++ b/minijail0.1
@@ -83,6 +83,11 @@
Set the process's \fIno_new_privs\fR bit. See \fBprctl(2)\fR and the kernel
source file \fIDocumentation/prctl/no_new_privs.txt\fR for more info.
.TP
+\fB-N\fR
+Run inside a new cgroup namespace. This option runs the program with a cgroup
+view showing the program's cgroup as the root. This is only available on v4.6+
+of the Linux kernel.
+.TP
\fB-p\fR
Run inside a new PID namespace. This option will make it impossible for the
program to see or affect processes that are not its descendants. This implies