From 48a596a804a24a5b4b3512a58a785b17781c49d0 Mon Sep 17 00:00:00 2001
From: Sven Dowideit <SvenDowideit@docker.com>
Date: Fri, 5 Dec 2014 16:30:47 +1000
Subject: [PATCH] add --cap-add=NET_ADMIN to make a new network device

inspired by #9452

Docker-DCO-1.1-Signed-off-by: Sven Dowideit <SvenDowideit@docker.com> (github: SvenDowideit)

Signed-off-by: Sven Dowideit <SvenDowideit@docker.com>
---
 docs/sources/reference/run.md | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/docs/sources/reference/run.md b/docs/sources/reference/run.md
index 8b0c6a1591..01e98ba35b 100644
--- a/docs/sources/reference/run.md
+++ b/docs/sources/reference/run.md
@@ -360,6 +360,10 @@ operator wants to have all capabilities but `MKNOD` they could use:
 For interacting with the network stack, instead of using `--privileged` they
 should use `--cap-add=NET_ADMIN` to modify the network interfaces.
 
+    $ docker run -t -i --rm  ubuntu:14.04 ip link add dummy0 type dummy
+    RTNETLINK answers: Operation not permitted
+    $ docker run -t -i --rm --cap-add=NET_ADMIN ubuntu:14.04 ip link add dummy0 type dummy
+
 If the Docker daemon was started using the `lxc` exec-driver
 (`docker -d --exec-driver=lxc`) then the operator can also specify LXC options
 using one or more `--lxc-conf` parameters. These can be new parameters or