Add cgroup namespce option to minijail0 manpage

The new -N option wasn't yet added to the manpage.  It utilizes the new
cgroup namespace feature of v4.6+ Linux kernels.

TEST=man ./minijail0.1

Signed-off-by: Dylan Reid <>
(cherry picked from commit 87e5851ba5eee9c8ff57c37aefa09f089f75c935)

Change-Id: I55506830cee475d1fb429d7583ef4e8ff389474b
Commit-Ready: Dylan Reid <>
Tested-by: Dylan Reid <>
Reviewed-by: Stephen Barber <>
diff --git a/minijail0.1 b/minijail0.1
index 685b6a6..3e077c1 100644
--- a/minijail0.1
+++ b/minijail0.1
@@ -83,6 +83,11 @@
 Set the process's \fIno_new_privs\fR bit. See \fBprctl(2)\fR and the kernel
 source file \fIDocumentation/prctl/no_new_privs.txt\fR for more info.
+Run inside a new cgroup namespace. This option runs the program with a cgroup
+view showing the program's cgroup as the root. This is only available on v4.6+
+of the Linux kernel.
 Run inside a new PID namespace. This option will make it impossible for the
 program to see or affect processes that are not its descendants. This implies