X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?a=blobdiff_plain;f=man%2Fsystemd-nspawn.xml;h=feafb31bc026f1da9f3ea3e3c3b80116365de039;hb=edeb68c53f1cdc452016b4c8512586a70b1262e3;hp=e7c859d11daea90f458b1ab63b2ebcaa74609d18;hpb=845c53246f73a505f12bb7f685a530045fa60a40;p=elogind.git

diff --git a/man/systemd-nspawn.xml b/man/systemd-nspawn.xml
index e7c859d11..feafb31bc 100644
--- a/man/systemd-nspawn.xml
+++ b/man/systemd-nspawn.xml
@@ -133,6 +133,28 @@
                 <ulink
                 url="http://www.freedesktop.org/wiki/Software/systemd/ContainerInterface">Container
                 Interface</ulink> specification.</para>
+
+                <para>As a safety check
+                <command>systemd-nspawn</command> will verify the
+                existence of <filename>/etc/os-release</filename> in
+                the container tree before starting the container (see
+                <citerefentry><refentrytitle>os-release</refentrytitle><manvolnum>5</manvolnum></citerefentry>). It
+                might be necessary to add this file to the container
+                tree manually if the OS of the container is too old to
+                contain this file out-of-the-box.</para>
+        </refsect1>
+
+        <refsect1>
+                <title>Incompatibility with Auditing</title>
+
+                <para>Note that the kernel auditing subsystem is
+                currently broken when used together with
+                containers. We hence recommend turning it off entirely
+                by booting with <literal>audit=0</literal> on the
+                kernel command line, or by turning it off at kernel
+                build time. If auditing is enabled in the kernel
+                operating systems booted in an nspawn container might
+                refuse log-in attempts.</para>
         </refsect1>
 
         <refsect1>
@@ -220,7 +242,7 @@
                         <varlistentry>
                                 <term><option>--uuid=</option></term>
 
-                                <listitem><para>Set the specified uuid
+                                <listitem><para>Set the specified UUID
                                 for the container. The init system
                                 will initialize
                                 <filename>/etc/machine-id</filename>
@@ -252,7 +274,7 @@
                                 <term><option>--read-only</option></term>
 
                                 <listitem><para>Mount the root file
-                                system read only for the
+                                system read-only for the
                                 container.</para></listitem>
                         </varlistentry>
 
@@ -261,7 +283,7 @@
 
                                 <listitem><para>List one or more
                                 additional capabilities to grant the
-                                container. Takes a comma separated
+                                container. Takes a comma-separated
                                 list of capability names, see
                                 <citerefentry><refentrytitle>capabilities</refentrytitle><manvolnum>7</manvolnum></citerefentry>
                                 for more information. Note that the
